youtube-comments-fetch

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). This skill explicitly fetches public, user-generated YouTube comments via the YouTube Data API (see scripts/youtube_comments_fetch.py and SKILL.md / OpenClaw templates using commentThreads.list and comments.list) and returns the comment text in JSON for downstream agents to consume, so untrusted third-party content can be read and influence subsequent agent behavior.