a0-contribute-plugin

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill instructs the agent to fetch and inspect public, user-maintained resources (e.g., the index.json at https://github.com/agent0ai/a0-plugins/releases/download/generated-index/index.json and the remote plugin.yaml via curl to raw.githubusercontent.com) as required validation steps, meaning untrusted third‑party content would be read and used to determine actions (folder naming, acceptance, and PR workflow).