dependency-auditor

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's workflow explicitly runs external audits and accesses public package registries (see "Audit Commands" / "Automatic Actions" and the sandbox "allowedDomains" listing registry.npmjs.org, pypi.org, rubygems.org, repo.maven.apache.org), parses third-party advisory content, and uses those results to suggest or execute fixes—meaning untrusted, public package/advisory content is ingested and can influence actions.