bun-add

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's Execution examples and agent workflow explicitly run bun add <package> (see the "Execution" code block and "Agentic Optimizations"), which will fetch and install packages from public package registries (untrusted, user-published third-party content) and thus can materially influence agent behavior and tooling.