audit-dependency-versions

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md procedure explicitly instructs fetching and interpreting public third-party content (e.g., CRAN via available.packages(), npm via npm outdated/npm view, PyPI via pip index/pip list, cargo/cargo outdated, and GitHub Security Advisories or external changelogs) and uses those results to drive upgrade and security decisions, so the agent will consume untrusted web content that can influence actions.