pnpm

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill exposes package-management commands (install, add, dlx, aliases using the npm: protocol) which clearly involve fetching and ingesting packages from public npm registries (untrusted, user-published content) that the agent would read/execute as part of dependency management.