sindri-extension-guide

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). This guide explicitly references and requires fetching from public third‑party sources (e.g., requirements.domains listing api.github.com and registry.npmjs.org, binary install URLs like GitHub release URLs, npm packages, and apt repositories) and its install/validate/hooks will download and execute or inspect that external content as part of the extension workflow, exposing the agent to untrusted user‑generated/third‑party data.