baoyu-markdown-to-html

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill downloads and embeds arbitrary http/https resources referenced in the input markdown (downloadFile/resolveImagePath in scripts/main.ts) and may fetch PlantUML SVGs from the public PlantUML server (scripts/md/extensions/plantuml.ts's generatePlantUMLUrl/fetchSvgContent), so it clearly ingests untrusted third‑party content as part of its workflow.