plugin-master

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill instructs the agent to add and install plugins from public GitHub marketplaces and to read marketplace.json and plugin manifests (e.g., "/plugin marketplace add user/repo", "/plugin install name@user" and cloning marketplace repos / reading .claude-plugin/marketplace.json), which are arbitrary public third‑party sources the agent would load and interpret.