bun-dev

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill includes commands to "refresh reference snapshots" (e.g., SKILL.md's release-sync and the referenced scripts update-bun-release-notes.ts / update-vercel-bun-docs.ts) and ships reference files (e.g., references/ref-bun-release-notes-bun-v1.3.10.md) that contain embedded social-media/user-generated content (Twitter embeds), indicating the agent fetches and ingests public third‑party content which it is expected to read and that could influence actions.