shorts-video-maker

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly downloads arbitrary YouTube videos via scripts/download_video.py and transcribes them with scripts/transcribe.py into transcript.json, which scripts/cut_shorts.py reads to automatically select and extract clip segments—meaning untrusted, user-generated web content can directly influence which actions and tool operations are taken.