context-setup

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md explicitly states it "Install[s] context files from registry" and instructs running installer scripts from the plugin root (see "Run the Installer" and the "Network failure" note), which implies downloading and loading externally hosted context files that the agent will then load and act on—exposing it to untrusted third-party content that can influence behavior.