detecting-supply-chain-attacks-in-ci-cd

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's agent code (scripts/agent.py) performs HTTP requests to public package registries (e.g., check_dependency_confusion calling https://registry.npmjs.org/... and https://pypi.org/pypi/...), thereby fetching untrusted, third‑party content from public websites and using the responses to influence its risk findings and reports.