baoyu-markdown-to-html
Warn
Audited by Snyk on Feb 17, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.80). The skill downloads images from arbitrary HTTP/HTTPS URLs as part of convertMarkdown (resolveImagePath -> downloadFile in scripts/main.ts) and also constructs and fetches PlantUML SVGs from a remote PlantUML server (scripts/md/extensions/plantuml.ts), so it ingests untrusted third-party web content into its workflow.