dependency-audit

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). Yes — SKILL.md explicitly instructs running tools and visiting public sites that fetch package metadata and reports from untrusted public sources (e.g., npm via npm info/npm audit, bundlephobia.com, pip-audit, cargo audit), and those third‑party outputs are read and used to decide dependency actions, so they could carry indirect prompt-injection content affecting decisions.