slide-creator

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly instructs the agent to fetch and parse user-provided web URLs (e.g., "If user provides web URLs: use web_fetch to extract design cues" in SKILL.md and repeated in references/art-direction.md), meaning untrusted public webpages are read and interpreted to drive style selection and subsequent HTML/CSS generation, so third-party content can materially influence the agent's actions.