bun-install

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md execution steps explicitly run "bun install" (which fetches packages from public package registries) and may run project scripts like "bun run prepare", so the agent will ingest and execute untrusted, user-published package content from third-party registries during its workflow.