ppt-creator

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly ingests and processes arbitrary user-provided data files (CSV/Excel/JSON) and refs.md data specifications—notably via scripts/chartkit.py and the orchestration pipeline (Stages 8b–8c) that synthesize/generate charts and feed those results into slide generation—so untrusted third‑party/user-generated content is read and used at runtime.