gemini-yt-video-transcript

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill explicitly ingests public, user-generated YouTube content: scripts/youtube_transcript.py calls fetch_youtube_title_oembed() and — importantly — passes the YouTube URL to Gemini via parts = [..., {"file_data": {"file_uri": url}}], causing the model to read the video content directly, so spoken or embedded instructions in that third‑party content could influence generation.