ncu

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The SKILL.md explicitly requires running pnpm ncu to check for outdated packages, which queries the public npm registry (user-published package metadata) and the results are read and acted on to decide updates/installs, so untrusted third-party content can influence subsequent actions.