plugin-creation

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly describes and instructs using an MCP (“Skill Seeker MCP”) to scrape external documentation sites (references/03-skills/creation-approaches.md shows commands like mcp__skill-seeker__scrape_docs --config ... and URLs such as https://docs.example.com) and also describes MCP HTTP transports and cloning public repos, meaning the agent will ingest and act on arbitrary public third‑party content that can influence downstream tool use.