plugin-development

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). This skill instructs the agent to load and base responses on external marketplaces and documentation (e.g., "marketplace.json", "Local vs remote marketplace sources", "Git repository marketplaces") and to validate claims using external MCP services/searchors (perplexity, context7, firecrawl), which are open/public third‑party sources and therefore can supply untrusted/user‑generated content the agent will read and interpret.