nocobase-publish-manage

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill autonomously calls user-supplied HTTP(S) endpoints and CLI outputs (see scripts/publish-manage.mjs: callApi + listLatestBackupCandidates which queries source/target baseUrl and inspectPmListViaCli/runCtl which parses pm list output) and then parses those responses to decide gates, backup candidates, plugin readiness and subsequent actions, meaning untrusted third‑party content from arbitrary URLs/envs is read and can materially influence tool use.