dataviz-skills

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md files show the agent ingesting and even executing public, user-contributed content — e.g., algorithm-visualizer references an "algorithms" public repository whose JavaScript visualizations are compiled/executed by the server, and echarts-visualization-guide includes loadExperimentData(csvUrl) that fetches arbitrary CSV URLs — meaning untrusted third‑party content is read and can materially affect runtime behavior.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). The ECharts example loads and executes remote JavaScript at runtime via the CDN URL https://cdn.jsdelivr.net/npm/echarts@5/dist/echarts.min.js, which is a runtime external dependency that fetches and executes code in the user's environment.