mermaid-to-gif

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill explicitly loads and executes Mermaid.js from a third‑party CDN (MERMAID_CDN in scripts/mermaid_to_gif.py and the SKILL.md note "Internet required: Mermaid.js is loaded from CDN at render time") inside generated HTML that the Playwright-run browser evaluates, so untrusted external code can affect rendering logic (window.setProgress/window.animationReady) and thereby materially influence the tool's capture and processing behavior.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill loads and executes remote JavaScript at render time from https://cdn.jsdelivr.net/npm/mermaid@11/dist/mermaid.min.js (embedded via in the generated HTML and run inside headless Chromium), which is a required runtime dependency that executes remote code.