dependency-updater

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill's required workflow explicitly runs language-specific update/audit tools (e.g., taze, npm audit, pip-review, pip-audit, go list -m -u) which query public package registries and package metadata on open third-party services (npm, PyPI, etc.), and those untrusted, user-published responses are parsed and used to decide/drive updates—so the agent consumes and acts on untrusted third-party content.