kicad

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly downloads and ingests third-party, user/manufacturer-generated datasheet PDFs and distributor API responses (e.g., DigiKey/Mouser/LCSC/element14 via the "Datasheet Acquisition" and sync scripts) and passes extracted PDF page content to an LLM for structured extraction and verification, and those extracted datasheet contents are used to drive verification findings and downstream actions (see "Datasheet Acquisition", "PDF processing", and "Datasheet Verification" sections), meeting the criteria for untrusted content that can influence agent behavior.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.70). The skill explicitly downloads datasheet PDFs at runtime from distributor APIs (e.g., DigiKey's DatasheetUrl / distributor APIs such as DigiKey, Mouser, LCSC, element14) and passes the fetched PDF text into the LLM for structured extraction, meaning externally hosted URLs are injected into the model context and directly influence prompts/outputs.