lovstudio-image-creator

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's Mechanism 2 (Code-Based Rendering) in SKILL.md explicitly instructs including external CDN resources (React/Tailwind via https://cdn.jsdelivr.net and Google Fonts) in the generated HTML, and the render_to_png.py Playwright renderer loads that local HTML with network access (page.goto ... wait_until="networkidle"), which means the agent will fetch and execute third-party web content that could alter rendering or embedded text/scripts and thus indirectly influence subsequent decisions or actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The HTML template used at runtime loads and executes remote JavaScript from CDNs (e.g. https://cdn.jsdelivr.net/npm/react@19/umd/react.production.min.js, https://cdn.jsdelivr.net/npm/react-dom@19/umd/react-dom.production.min.js, https://cdn.tailwindcss.com, https://cdn.jsdelivr.net/npm/@babel/standalone/babel.min.js, and the Google Fonts URL) when Playwright opens the file:// page, so external code is fetched and executed and is required for the code-based rendering mechanism.