sbom

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md explicitly states the resolver queries public registries (crates.io, npm, PyPI) in "License Resolution Details" and the sbom:resolve stage / deploy/sbom/resolve_licenses.py, so the tool ingests untrusted public package metadata which can change license-resolution outcomes and downstream CI/decisions.