meta-plugin-creator

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill's distribution documentation explicitly lets the agent add/browse/install marketplaces and plugins from external GitHub/git URLs (references/distribution.md and references/plugin-anatomy.md), and those third‑party plugins can include hooks of type "prompt", scripts, and agents (references/components.md) that the agent will load and execute, meaning untrusted external content can supply instructions that influence agent actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). The docs allow installing plugins from external git URLs (e.g., https://gitlab.com/team/plugin.git), which are fetched at runtime to install plugins that may include hooks, MCP servers, or npx commands that execute remote code, so this is a runtime dependency that can run remote code.