uv

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's workflow explicitly performs network fetches from public package indexes, git repositories, and arbitrary URLs (see SKILL.md and references/resolution.md examples such as tool.uv.sources entries like git="https://github.com/..." and url="https://example.com/..." plus commands like uv sync/uv lock and uv python install that download from PyPI/mirrors), so it ingests untrusted third-party content that can influence dependency resolution and subsequent tool actions.