uv-package-manager

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill includes commands that fetch and process arbitrary public third-party content — for example "uv add git+https://github.com/user/repo.git", package sources pointing to https://pypi.org/simple, and installation via "curl ... https://astral.sh/uv/install.sh | sh" — which the agent would retrieve and act on during uv add/uv sync/installation workflows.