plugin-best-practices
Warn
Audited by Snyk on Apr 1, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.80). The skill's required documentation explicitly instructs agents to perform web searches and fetch external content (e.g., "Use WebFetch tool to read official documentation" and external search/Exa/WebSearch guidance in references/tool-invocations.md, plus HTTP MCP server examples in references/components/mcp-servers.md), meaning the agent will ingest untrusted public web/forum content and use it to drive tool use and decisions.
Issues (1)
W011
MEDIUM: Third-party content exposure detected (indirect prompt injection risk).
Audit Metadata