upgrade

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The SKILL.md explicitly fetches remote files and repository data from public GitHub URLs (curl to https://raw.githubusercontent.com/.../VERSION and git fetch/clone/pull from https://github.com/canhta/deliverable.git), so untrusted, user-controlled content (VERSION, commit logs, repo contents) is ingested and displayed and could influence agent decisions or actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill runs "npx skills add canhta/deliverable" at runtime, which fetches and executes remote package code (from the npm registry / remote repo), so it is a runtime-executed external dependency.