build-presentation

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's Phase 3 "Step 2: Fetch and summarize sources" (PHASES.md) explicitly fetches arbitrary Kilde links from AGENDA.md and summarises them into docs/sources/*.md which the agent then reads and uses to generate slides, meaning untrusted public URLs can directly influence its outputs.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill's Phase 3 step 2 explicitly fetches every Kilde link in AGENDA.md at runtime and summarizes that external content into docs/sources/*.md which is then read by the generator—so any arbitrary URL provided as a Kilde can directly influence the agent's prompts/output (i.e., "Kilde" links in AGENDA.md).