plugin-builder

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's provider implementation (src/providers/{providerName}.ts) and templates explicitly instruct fetching "data from external sources" and platform integrations (e.g., Discord/Slack) and return that content as a "text" LLM context, meaning untrusted third‑party/user‑generated content would be read/interpreted and could influence agent decisions.