excalidraw-diagram

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill's required render pipeline loads and executes a remote JS module from the public CDN (see references/render_template.html which imports exportToSvg from "https://esm.sh/@excalidraw/excalidraw?bundle"), so the agent's renderer fetches and runs third‑party content that the agent then reads/uses for rendering and visual validation.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The render template (references/render_template.html) performs a runtime ES module import from https://esm.sh/@excalidraw/excalidraw?bundle which will fetch and execute remote JavaScript in the renderer page and is required for the skill's render pipeline to work, so this is a runtime external dependency that executes remote code.