configure-claude-plugins

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). This skill explicitly configures GitHub Actions to use an external plugin marketplace (plugin_marketplaces: https://github.com/laurigates/claude-plugins.git in the .github/workflows/*.yml snippets), meaning the Claude Code action will fetch and execute third-party (user-generated) plugins that can influence agent behavior and thus enable indirect prompt injection.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The GitHub Actions workflows pass https://github.com/laurigates/claude-plugins.git to anthropics/claude-code-action so the action will fetch that marketplace at runtime to load plugin definitions which can inject prompts or provide executable behavior, meaning the external repo directly controls agent instructions.