convert-to-markdown

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches and ingests untrusted public web content—scripts/mhtml-to-md.py loads arbitrary HTTP(S) MHTML URLs via urllib.request.urlopen and scripts/youtube-transcript.py uses yt-dlp to download transcripts from arbitrary YouTube URLs—so the agent is expected to read/convert that third‑party content (web pages and user-generated video transcripts), which could contain instructions that materially influence subsequent actions.