mermaid-studio
Warn
Audited by Snyk on Mar 1, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.70). SKILL.md requires loading references/aws-architecture.md for AWS/architecture diagrams. That reference includes an explicit fetch('https://raw.githubusercontent.com/harmalh/aws-mermaid-icons/main/iconify-json/aws-icons.json') example to register an external icon pack. This is a public, untrusted third-party URL that the agent is instructed to read/act on, and its content can change rendering behavior.
Audit Metadata