rhdh-backend-dynamic-plugin-bootstrap

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly instructs packaging and configuring RHDH to load dynamic plugins from untrusted public sources (e.g., OCI images on quay.io, HTTP tgz URLs, and npm registries shown in examples/dynamic-plugins.yaml and references/packaging-guide.md), which means arbitrary third-party code/packages will be fetched and can influence runtime behavior.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). Yes — the skill instructs RHDH to load dynamic plugin packages at runtime from OCI/tgz/npm URIs (e.g., oci://quay.io/example/my-backend-plugin:v1.0.0!my-plugin-backend-dynamic), which will fetch and execute remote container/package code when the platform loads the plugin.