redis-presentation-decks

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The required workflow (SKILL.md step 5) explicitly instructs the agent to "Verify product-specific facts against current Redis docs or user-provided source material," which requires reading public Redis documentation or arbitrary user-supplied content (untrusted third-party material) and using that information to change deck content and decisions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.70). The skill's generated HTML loads and executes third-party JS from CDNs at runtime (for example: https://cdn.jsdelivr.net/npm/reveal.js@6.0.1/dist/reveal.js), which Playwright will fetch/execute during the overflow check and which are required for the deck to function—so remote code is fetched and executed as a required dependency.