ln-781-build-verifier

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's Step 2 "Restore Dependencies" (SKILL.md) explicitly restores packages (npm, NuGet, PyPI, crates.io, etc.) from public package registries, meaning it fetches and consumes untrusted, user-published third-party content which can include executable install/build scripts that materially influence build actions and tool use.