npm

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly instructs running npm install and to run scripts from package.json (e.g., "x npm install -g nodemon" and "When running predefined scripts in package.json"), which implicitly fetches and executes packages from the public npm registry (untrusted third-party content) and can thus influence tooling or actions.