modernize

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). This skill runs package manager commands (e.g., npm update / npx npm-check-updates, pip install --upgrade, go get -u, cargo update) that fetch code from public package registries (npm, PyPI, crates.io), which are untrusted, user-published third-party sources and whose contents the agent will execute/inspect when running tests and fixing breaking changes.