content-transformation

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly ingests public, user-generated YouTube content (see the youtube_summary pattern and the extract_latest_video/extract_videoid handlers which process transcripts, video metadata, and URLs), so the agent would fetch and read untrusted third‑party content that could carry indirect prompt injections.