health-audit

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's required workflow (Step 2: "Run claude plugin list --json to get all available plugins from configured marketplaces") ingests and parses plugin metadata (name, description, keywords, category) from external marketplaces and uses that untrusted third-party content to decide relevance and to suggest or apply configuration changes, so marketplace content could materially influence actions.