plugins-management

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's documentation (SKILL.md and references/plugin-guide.md) explicitly instructs adding and installing marketplaces/plugins from public GitHub/GitLab repos or arbitrary URLs (e.g., "/plugin marketplace add https://github.com/...", "source: url"), which causes the agent to fetch and interpret remote plugin manifests and markdown-based commands/agents/skills (user-generated content) that can change agent behavior.