excalidraw

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The renderer (scripts/render.js → parseInput/readFileSync) ingests arbitrary Excalidraw JSON from a user-supplied file or stdin and directly renders text elements (renderElements → text/tspan), so untrusted user-generated content can be supplied and displayed as part of the workflow.