harness-setup

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly instructs installing third-party plugins via the "Plugin インストール (v2.1.71+ Marketplace)" section (e.g., claude plugin install owner/repo), which pulls untrusted, user-owned repository content from a public marketplace that can alter agent behavior and thus enable indirect prompt-injection.