python-uv

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill repeatedly runs commands that fetch and install third-party packages and tooling (e.g., uv add, uv pip install, uv tool install, uv python install, and the Dockerfile COPY from ghcr.io/astral-sh/uv), which clearly pulls code and artifacts from public package/container registries (untrusted, user-contributed sources) that the agent will install/use as part of its workflow.