update

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly states it "always verifies against npm ground truth and GitHub commits" and includes commands like npm view ... and links to external docs, so the agent is expected to fetch and interpret package metadata and GitHub content from public third-party sources (npm/GitHub), which could contain untrusted, user-generated data.