dependency-auditor

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill runs package audits and accesses public package registries (e.g., registry.npmjs.org, pypi.org, rubygems.org, repo.maven.apache.org as listed in the sandbox config) and parses audit/metadata from those third‑party, user‑provided packages, so it clearly ingests untrusted external content as part of its workflow.