marp-slides

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's required references and export workflow explicitly pull external assets — e.g., Google Fonts via @import in references/THEMES.md and an Unsplash image URL in references/examples/editorial.md — and references/EXPORT.md documents that marp-cli export with --html may fetch and execute arbitrary HTML (including ), so untrusted third-party content can be ingested and influence rendering/tool behavior.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill instructs running "npx @marp-team/marp-cli@latest" at export time, which will fetch and execute remote code from the npm registry (e.g., https://registry.npmjs.org and the project repo https://github.com/marp-team/marp-cli), so this is a required runtime dependency that executes remote code.