bump-deps

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). This skill runs the included scripts/run-taze.sh which invokes the taze CLI to enumerate updates (Step 1 / the script), thereby ingesting public npm registry/package metadata (third‑party, user‑published content) that the agent must parse and that directly drives update decisions.