excalidraw

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's workflow (SKILL.md "When User Requests Icons" and the "Manual Icon Integration" steps) instructs the assistant to obtain and read third‑party libraries from https://libraries.excalidraw.com and local files like libraries//reference.md and icons/*.json, meaning the agent is expected to ingest untrusted, public icon JSON content and use it to drive diagram-generation actions.