dependency-resolver

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill instructs the operator to query and inspect public package metadata and upstream content (e.g., "Check for updates: npm view old-chart-lib versions" and "Read its React usage / changelog") in SKILL.md, which requires fetching and interpreting untrusted third-party sources (public registries, package code/changelogs) that can materially affect resolution decisions.