audit-settings

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill explicitly says it will check "plugin settings in marketplace repos" (SKILL.md Step 1) which indicates it fetches and audits settings from public third‑party repositories that are user-generated, and those files are read and used to drive audit findings and follow-up validation, so untrusted content could influence agent decisions.