nocobase-plugin-manage

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly ingests and acts on runtime-backed third‑party content — e.g., parsing local CLI output from yarn nocobase pm list (marker JSON) and calling remote endpoints like /api/pm:list, pm:get, pm:enable/pm:disable as described in SKILL.md and references/v1-runtime-contract.md — and uses that untrusted content to drive verification and enable/disable actions, so it can be influenced by external/user-provided data.