denvig-upgrade-npm-dependencies

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly instructs the agent to locate and read dependency repositories' releases pages or changelog files (e.g., {{repository_url}}/releases or {{repository_url}}/blob/main/CHANGELOG.md discovered via npm view {{package}} repository.url) and use that public, user-authored content to decide whether and how to upgrade packages, which can allow indirect prompt injection.