034-architecture-diagrams

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill's C4 diagram templates and rendering/validation steps explicitly include and rely on remote PlantUML libraries hosted on raw.githubusercontent.com (e.g., the "!include https://raw.githubusercontent.com/plantuml-stdlib/C4-PlantUML/..." and related !include URLs) which are public, third‑party files that will be fetched and used as part of diagram generation/validation.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill explicitly instructs fetching and executing remote code at runtime (e.g., curl -L -o plantuml.jar https://github.com/plantuml/plantuml/releases/latest/download/plantuml.jar followed by java -jar plantuml.jar) and also uses PlantUML !include directives that pull macros from raw GitHub URLs (e.g., https://raw.githubusercontent.com/plantuml-stdlib/C4-PlantUML/master/C4_Context.puml), both of which are fetched at runtime and are required to render C4/PlantUML diagrams, so remote content can execute or control the agent's runtime behavior.