baoyu-markdown-to-html

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill explicitly downloads and inlines resources from arbitrary http(s) URLs found in input Markdown (see scripts/main.ts: resolveImagePath / downloadFile) and also fetches PlantUML SVGs from a PlantUML server (scripts/md/extensions/plantuml.ts fetchSvgContent), so it ingests untrusted third‑party content into its rendering workflow.