office

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill's templates and agent workflow explicitly fetch and embed external resources from the public web (e.g., pdf-lib example uses fetch('https://example.com/logo.png'), pptxgenjs examples addImage with path 'https://example.com/image.png', and scripts query the npm registry), so the agent can ingest untrusted third‑party content (images/PDFs/registry data) as part of its document-generation runtime.