prd

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill's audit/update workflows (drift-prevention.md loaded during /prd --update and /prd --audit-deps) explicitly require running npm/pnpm commands and checking public sites (e.g., npm view, pnpm audit, bundlephobia.com) — i.e., ingesting public, user-maintained registry and website data which the agent would read and use to make dependency/upgrade decisions, exposing it to untrusted third-party content that could influence actions.