dependency-updater

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's SKILL.md workflow explicitly runs ecosystem tools and audits (e.g., taze, npm/pip/go/cargo commands and security scans like npm audit, pip-audit, govulncheck) that query public package registries and vulnerability databases—third-party, user-published content—which the agent parses and uses to classify updates and decide/prompt for actions (Steps 3 and 7), so untrusted external content can materially influence behavior.