marketplace-dev

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's workflow explicitly includes fetching and installing plugins from public GitHub repos (see "Phase 3: GitHub installation test" and the use of claude plugin marketplace add <github-user>/<repo> / claude plugin install and the "Source Types" entries for GitHub/Git URLs), which would cause the agent to ingest untrusted, user-generated third-party content that can change tool/plugin behavior.