update-packages

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md's "Catalog Packages" and update steps explicitly instruct running npm commands (e.g., npm view <package> version and npm view <package> versions --json) and bun upgrade, which fetch metadata and package data from the public npm registry (user-published third-party content) that the workflow must read and that directly determines which versions to update and subsequent actions.