claude-plugin-development

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill instructs the agent to add and install plugins and marketplaces from public GitHub/Git URL sources (e.g., "plugin marketplace add owner/repo", .claude-plugin/marketplace.json entries with "source": "github" or "url": "https://gitlab.com/..."), which are untrusted, user-provided third‑party repositories whose code and metadata the agent would fetch and load into its workflow.