antv-l7

Warn

Audited by Snyk on Mar 10, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.80). The skill's references include several explicit runtime examples that fetch and ingest public third-party content: references/data/source-geojson.md uses fetch('https://gw.alipayobjects.com/...json'), and references/data/source-mvt.md and references/core/scene-methods.md show getCustomData and Scene.addProtocol custom fetch handlers. The fetched JSON/CSV/MVT/HTML payloads are parsed and passed to layer.setData, .source(...) and Popup.setHTML, so external, untrusted content can directly influence rendering and runtime behavior.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

Audit Metadata
Risk Level: MEDIUM
Analyzed: Mar 10, 2026, 11:25 AM