latest-version

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's scripts/latest.js explicitly fetches and parses live content from public third-party sources (e.g., registry.npmjs.org, pypi.org, proxy.golang.org, crates.io, rubygems.org, the GitHub API/readme, and ai.google.dev model docs), and the agent is instructed to use and act on those parsed metadata/readme contents (warnings, deprecations, model IDs), which are untrusted/user-generated and can materially influence decisions.