publish-npm-package

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly instructs the agent to check and interpret public npm registry state and npmjs.com package pages (e.g., "Derive those answers... 4. npm registry state for the package" in SKILL.md and the bootstrap/linking steps that point to https://www.npmjs.com/package//access and use npm view), meaning the agent will fetch and act on untrusted, user-generated web content which can change auth/versioning decisions.