releasing-kata

Warn

Audited by Snyk on Apr 10, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.80). The skill's required release and verification steps explicitly fetch and parse public GitHub content (e.g., gh api repos/gannonh/kata-marketplace/contents/.claude-plugin/marketplace.json and references to raw.githubusercontent.com) and instruct installing plugins from the public marketplace (/plugin install kata@kata-marketplace), which are untrusted third‑party sources whose content is read and used to decide release success and follow-up actions.

Audit Metadata
Risk Level: MEDIUM
Analyzed: Apr 10, 2026, 12:00 PM
Issues: 1