youtube-summarizer

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's SKILL.md and README explicitly fetch YouTube transcripts via the MCP YouTube Transcript server for arbitrary YouTube URLs (see "Fetch Transcript" step and install instructions), and the agent reads and interprets those public, user-generated transcripts to generate summaries and responses—allowing malicious or instructive transcript content to influence the agent's outputs.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill explicitly requires and at runtime clones/installs and executes code from the external GitHub repo https://github.com/kimtaeyoon83/mcp-server-youtube-transcript (git clone + npm install/build and node import), so remote code is fetched and executed as a required dependency.