codexplusplus-launcher

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). SKILL.md explicitly references fetching GitHub resources (e.g., "Proxy Configuration for GitHub Resources", troubleshooting for "Plugin Loading Failed or GitHub Resource Errors") and describes unlocking/force-installation of plugins, indicating the launcher fetches and enables third‑party (public GitHub/user-provided) content that the agent/Codex will read/execute and could therefore enable indirect prompt injection.