wordpress-plugin-core

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill's documentation and examples (e.g., SKILL.md and references/github-auto-updates.md) explicitly instruct the agent/plugin to fetch and parse remote update metadata and packages from public URLs/GitHub (e.g., wp_remote_get(MY_PLUGIN_UPDATE_URL) and PucFactory::buildUpdateChecker('https://github.com/...')), which are untrusted third‑party sources and can materially change behavior by supplying updates or instructions at runtime.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). Flagged because the skill includes runtime auto-update logic that queries and downloads plugin packages from GitHub (e.g., https://github.com/yourusername/your-plugin/) and relies on the Plugin Update Checker library (https://github.com/YahnisElsts/plugin-update-checker), which at runtime can fetch and install remote ZIPs containing executable plugin code.