pcl-expert

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's SkillRegistry and HTTPRegistryServer (artifact storage via local/HTTP/S3, routes like GET /artifacts and /search) plus CLI commands such as "pcl skills install" and "pcl registry search" indicate the system will fetch and install user-published artifacts from remote HTTP/S3 registries, meaning it would ingest untrusted third-party content.