ln-014-agent-instructions-manager

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill explicitly reads and parses third‑party plugin SKILL.md files from user/plugin installs and caches (Phase 1b: e.g., ~/.claude/plugins/marketplaces/* and ~/.claude/plugins/cache/{publisher}/{plugin}//skills//SKILL.md) and uses that untrusted, external content to score conflicts and drive follow-up actions (disable prompts/requests), so external text can materially influence agent decisions.