033-architecture-diagrams

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's required workflow and templates explicitly instruct fetching public third‑party resources (e.g., !include https://raw.githubusercontent.com/plantuml-stdlib/C4-PlantUML/... in the C4 examples and curl/downloading plantuml.jar from GitHub releases) which are untrusted external content the agent is expected to incorporate into diagram generation and validation, so those remote files could indirectly influence tool behavior.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill explicitly instructs downloading and running remote code during runtime via "curl -L -o plantuml.jar https://github.com/plantuml/plantuml/releases/latest/download/plantuml.jar" followed by "java -jar plantuml.jar", which fetches and executes external code as a required dependency (the templates also reference remote !include URLs on raw.githubusercontent.com that PlantUML will fetch at render time).