plugin-creator

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The Phase 1 Research workflow in SKILL.md explicitly instructs subagents to "Search ... GitHub repos with Claude Code plugins" and to fetch external URLs (e.g., the RESEARCHER 1 and RESEARCHER 4 prompts), so the agent ingests public, user-generated web content that is then used to drive research, design, and implementation decisions.