refresh-plugin-cache

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill fetches the l3digitalnet-plugins marketplace repo via git (git fetch/reset of ~/.claude/plugins/marketplaces/l3digitalnet-plugins) and reads its marketplace.json, and Claude is expected to interpret that fetched data to decide reinstalls, deletions, and process actions—so untrusted third-party repository content can materially influence agent actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). The skill runs git fetch origin at runtime against the marketplace clone at ~/.claude/plugins/marketplaces/l3digitalnet-plugins (i.e., the git remote "origin" URL for that repo), then reads marketplace.json and emits structured output that Claude interprets—so remote repository content pulled from the origin URL can directly influence agent prompts/behavior.