dependency-audit

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The agent explicitly runs and parses npm/pnpm audit JSON and npm/pnpm outdated outputs and "cross-references CVE databases" (see agents/dep-auditor.md Step 2 and SKILL.md), which ingests advisory and registry data from public third-party sources (npm/GHSA/CVE feeds) that are untrusted and will be read/interpreted as part of its workflow.