sandbox-npm-install

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's required install workflow (scripts/install.sh and SKILL.md Step 2) explicitly runs "npm ci"/"npm install" and npx commands which fetch and install packages and browser binaries from the public npm/Playwright registries (untrusted third‑party code) and then imports/verifies them with node, so that downloaded content can execute and materially influence tool behavior.