crxhub-cli
Warn
Audited by Snyk on Mar 25, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). This skill explicitly retrieves and installs extension assets from public GitHub Releases (see SKILL.md: "Manage browser extensions from GitHub Releases" and commands like "$CRX install <owner/repo>" / "$CRX update <owner/repo>"), i.e., arbitrary user-generated third-party content that the tool must inspect and act on, so untrusted release assets/metadata could materially influence tool behavior.
Issues (1)
W011
MEDIUM: Third-party content exposure detected (indirect prompt injection risk).