ln-011-agent-installer

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). This skill's Phase 1 Install & Verify explicitly runs commands like "npm install -g @openai/codex" and "npm install -g @anthropic-ai/claude-code" (and may run "claude update"), which fetch and install packages from the public npm registry—untrusted third-party content that can be executed and therefore materially influence agent behavior.