security-audit

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's Step 4 explicitly instructs the agent to use the WebSearch and Task tools to query and ingest open/public web content (security advisories, CVEs, public websites) for each direct dependency, meaning the agent will read and interpret untrusted third-party/user-generated pages as part of its workflow.