uv-deps

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill explicitly fetches and ingests untrusted third-party data (pip-audit JSON, PyPI metadata via uv/index or curl, and GitHub advisories via gh api) as part of its required workflow (see SKILL.md and references/audit-workflow.md), and that parsed data directly drives decisions like severity filtering, which packages to update, and commit/PR actions, so it can enable indirect prompt injection.