capacitor-plugin-spm-support

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). Yes — Step 2 explicitly instructs the agent to search the open web for each CocoaPods dependency and to use repository URLs, version info, or SPM alternatives found there, meaning the agent would fetch and interpret untrusted public third‑party content to decide package dependencies and modify Package.swift.