lyxy-runner-js

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly performs automatic dependency fetching and execution from the public npm ecosystem—see references/examples.md and the main SKILL.md which state "Bun 会从 npm 下载缺失的依赖" and that Bun auto-detects/downloads imports—so untrusted third-party code is fetched and run as part of the normal workflow and could materially influence behavior.