code-simplifier

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly fetches and installs remote skill content from a public GitHub repo (remoteSource "anthropics/claude-plugins-official/..." via install-skill.js using npx degit and the remote-update-checker script that queries the GitHub API), so the agent ingests untrusted third‑party content (public repo files/commits) as part of its install/update workflow which can change skill behavior.