implement

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md Step 0.5 "Check for External Packages and Fetch Documentation" explicitly directs the agent to use WebFetch to retrieve documentation from npmjs.org, pypi.org, readthedocs, pkg.go.dev, etc.—public third‑party pages whose content the agent must parse and use to decide API usage and implementation, creating a clear vector for indirect prompt injection.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). The skill explicitly calls WebFetch at runtime to fetch external documentation (e.g., https://www.npmjs.com/package/{package-name}) which is ingested to guide the agent's implementation decisions, meaning remote content directly controls agent prompts/instructions.