plunker

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's plnkr.sh download step explicitly fetches plunk JSON from the public API (https://api.plnkr.co/plunks/$id) and the SKILL.md workflow requires downloading and then reading/modifying those user-provided files, so untrusted, user-generated content from plnkr.co could be ingested and influence subsequent actions.