update-dependencies

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly runs and parses outputs from public package registries and repos (e.g., npm audit --json and npm outdated --json, pip-audit / pip list --outdated, cargo audit / cargo outdated in scripts/analyze.ts) and its docs instruct fetching changelogs/repos via npm view and gh api repos/.../releases, so it ingests untrusted, user-generated package metadata and release notes that the agent reads and uses.