rhdh-frontend-dynamic-plugin-bootstrap

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly instructs configuring dynamic-plugins.yaml to load frontend plugins from public OCI registries (e.g., package: oci://quay.io/...) and to import/export plugin components and custom condition functions (see SKILL.md Step 8 and references/entity-page.md), which means untrusted third‑party plugin code from the open web would be fetched and executed and can materially influence runtime behavior.