md-to-docx-template

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill ingests arbitrary user-provided and potentially remote content as part of normal operation — md-to-docx.py reads/assembles user markdown/manifest files (and allows remote images via pandoc), and extract-styles.py reads styles from an arbitrary source .docx — so the agent will parse untrusted third‑party/user-generated content at runtime.