bun

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill includes commands that fetch and inspect packages from public registries (e.g., "bun add ", "bun install", "bun info ", and "bun run -i" which auto-installs deps), which clearly involve ingesting user-published, untrusted third-party content (npm/public package registries) as part of its workflow.