youtube-chapter-clipper

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly downloads public YouTube videos and English subtitles via yt-dlp (see maybe_download/yt-dlp and references/commands.md) and its workflow/script (step 5 + parse_vtt and build_chapters) requires the agent to read and semantically analyze the full subtitle text, which is untrusted/user-generated content that could carry indirect prompt injections.