bun-expert

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's "Update Check" workflow in SKILL.md fetches https://raw.githubusercontent.com/abpai/skills/main/versions.json on first use and uses that public GitHub-hosted data to decide whether to prompt the user and potentially run npx skills update bun-expert, meaning untrusted third-party content is read and can change the agent's actions.