mermaid
Warn
Audited by Snyk on Mar 27, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.80). The skill explicitly ingests user-provided Mermaid diagram definitions as part of its workflow (SKILL.md: "render mermaid code"/"create a mermaid chart"), and the bundled docs show that diagram text (init directives and frontmatter) can modify Mermaid configuration via init/sanitize (config/directives.md and config/configuration.md). Untrusted third-party or user content is therefore parsed by the skill and can change tool behavior (e.g., mermaid.initialize settings, dompurifyConfig, directives).
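The finding above is about diagram text carrying its own configuration. The following is an added example written for this page, not Snyk's audit code and not part of the mermaid project or the audited skill: it pre-screens an untrusted diagram definition for `%%{init: ...}%%` directives and a YAML frontmatter `config:` block that try to set sensitive keys, and strips those carriers so the diagram renders only with the host's own `mermaid.initialize()` settings. Assumptions: the PROTECTED_KEYS list mirrors the documented defaults of mermaid's `secure` option plus `dompurifyConfig` and `htmlLabels` (check it against the installed version); the regexes, the frontmatter line scan, the HOST_INIT_CONFIG object and the sample diagram are all constructed here for illustration, and the block deliberately does not call mermaid so it runs offline.

```javascript
// Added example (not Snyk's or mermaid's code): pre-screen untrusted Mermaid
// diagram text for config-carrying directives/frontmatter before rendering.

// Config keys untrusted diagram text must never set. Assumption: mirrors
// mermaid's documented `secure` defaults plus the sanitiser-related keys.
const PROTECTED_KEYS = new Set([
  'secure', 'securityLevel', 'startOnLoad', 'maxTextSize', 'maxEdges',
  'dompurifyConfig', 'htmlLabels',
]);

// Host-side settings to pass to mermaid.initialize(): strict sanitisation, and
// `secure` lists the keys that directives are not allowed to override.
const HOST_INIT_CONFIG = {
  startOnLoad: false,
  securityLevel: 'strict',
  secure: [...PROTECTED_KEYS],
};

// %%{init: {...}}%% / %%{initialize: {...}}%% directives anywhere in the text.
const DIRECTIVE_RE = /%%\{\s*(init|initialize)\s*:\s*(\{[\s\S]*?\})\s*\}%%/g;
// YAML frontmatter block at the very start of the text.
const FRONTMATTER_RE = /^---\s*\n([\s\S]*?)\n---\s*\n/;

// Mermaid accepts single-quoted directive bodies; normalise them to JSON.
function parseDirectiveBody(body) {
  try { return JSON.parse(body); } catch (_) { /* fall through */ }
  try { return JSON.parse(body.replace(/'/g, '"')); } catch (_) { return null; }
}

// List every protected key the diagram tries to set, from both carriers.
function findConfigOverrides(diagramText) {
  const hits = [];
  for (const m of diagramText.matchAll(DIRECTIVE_RE)) {
    const cfg = parseDirectiveBody(m[2]);
    if (cfg === null) { hits.push({ source: 'directive', key: '<unparsable>' }); continue; }
    for (const key of Object.keys(cfg)) {
      if (PROTECTED_KEYS.has(key)) hits.push({ source: 'directive', key });
    }
  }
  const fm = diagramText.match(FRONTMATTER_RE);
  if (fm) {
    // Only top-level keys under `config:` matter here, so a line scan is
    // enough (assumption: the block is indented with leading spaces).
    let inConfig = false;
    for (const line of fm[1].split('\n')) {
      if (/^config:\s*$/.test(line)) { inConfig = true; continue; }
      if (!/^\s/.test(line)) inConfig = false;
      const km = inConfig && line.match(/^\s+([A-Za-z]+)\s*:/);
      if (km && PROTECTED_KEYS.has(km[1])) hits.push({ source: 'frontmatter', key: km[1] });
    }
  }
  return hits;
}

// Remove the frontmatter block and every init directive so the diagram can
// only be rendered under HOST_INIT_CONFIG.
function stripConfigCarriers(diagramText) {
  return diagramText.replace(FRONTMATTER_RE, '').replace(DIRECTIVE_RE, '');
}

// Decision helper: report overrides and hand back the stripped text.
function screenDiagram(diagramText) {
  const overrides = findConfigOverrides(diagramText);
  return { safe: overrides.length === 0, overrides, sanitized: stripConfigCarriers(diagramText) };
}

// Constructed sample: a flowchart from an untrusted source carrying both a
// frontmatter config block and a directive that loosens the sanitiser.
const UNTRUSTED_DIAGRAM = [
  '---',
  'config:',
  '  securityLevel: loose',
  '---',
  "%%{init: {'theme': 'dark', 'dompurifyConfig': {'ADD_TAGS': ['script']}}}%%",
  'flowchart LR',
  '  A[Start] --> B[End]',
].join('\n');

if (typeof require !== 'undefined' && require.main === module) {
  const result = screenDiagram(UNTRUSTED_DIAGRAM);
  console.log(JSON.stringify(result.overrides));
  console.log(result.sanitized.trim());
}
```

In a skill that forwards diagram text to a renderer, refuse or log when `screenDiagram()` reports overrides, render only `sanitized`, and still pass HOST_INIT_CONFIG to `mermaid.initialize()` so that any directive the screen misses is blocked by mermaid's own `secure` list.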
Issues (1)
W011
MEDIUM Third-party content exposure detected (indirect prompt injection risk).
Audit Metadata