excalidraw-diagram
Warn
Audited by Snyk on Mar 10, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.80). The skill's SKILL.md Research Mandate explicitly requires the agent to "look up the actual JSON/data formats" and "find the real event names, method names, or API endpoints" from external/public documentation (i.e., open websites) before generating technical diagrams, which forces the agent to fetch and interpret untrusted third-party content as part of its required workflow (SKILL.md Research Mandate / Design Process).
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 0.90). The renderer template (references/render_template.html) imports and executes a remote JS module at runtime from https://esm.sh/@excalidraw/excalidraw?bundle, which the skill's render pipeline depends on to produce SVGs, so external code is fetched and executed during skill runtime.
Audit Metadata