diagram-skills

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The json-data-visualizer SKILL.md explicitly shows fetching a public CrossRef API response ("https://api.crossref.org/works/10.1038/nature12373") and instructs opening that JSON in JSON Crack for schema exploration, meaning the skill ingests untrusted third-party data which the agent is expected to read/interpret as part of its workflow and could influence parsing/decision steps.