visualize

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's Process Step 2 ("For systems/processes — gather information through conversation, web search, or file reading") explicitly directs the agent to perform web searches and ingest open/public content to inform diagram planning, meaning untrusted third‑party pages could be read and materially influence subsequent actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.70). The HTML template and documentation load and rely on remote JavaScript from https://cdn.jsdelivr.net/npm/mermaid@11/dist/mermaid.min.js at runtime (the generated page fetches and executes this script to render diagrams), so this is an external dependency that executes remote code and is required for the skill to function.