dotnet-dependency

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). This skill's workflow explicitly instructs running commands that query public NuGet package sources (e.g., dotnet package search, dotnet list package --vulnerable/--outdated, and third-party dotnet-outdated against nuget.org), which ingest user-published package metadata from the open web that the agent is expected to read and that can influence update/remove/add actions.