skill-discovery

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). This skill explicitly fetches and scrapes a public registry (e.g., WebFetch to https://claude-plugins.dev/skills?q={keywords}, scripts/search_skills.py, and the popular-skills-cache.md refresh instructions) and directly reads/parses skill names and descriptions (user-provided, third-party content) which are then interpreted and incorporated into ranking and synthesized pipelines—exposing the agent to untrusted external content that could carry indirect prompt injections.