youtube-video-search

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). This skill calls the public YouTube Data API (see scripts/youtube_video_search.py and references/youtube-search-api-notes.md: GET /search and GET /videos), ingests user-generated video metadata/descriptions/statistics, and uses those fields (e.g., comment_count, title, description) to filter results and drive downstream actions (e.g., chaining to $youtube-comments-fetch), so untrusted third‑party content can materially influence agent decisions.