npm-downloads-to-leads

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches and ingests public, user-generated content from npm (Step 3 / SKILL.md and scripts/fetch.py: npm Downloads API and registry) and GitHub (Step 5 / scripts/fetch.py: GitHub user profiles and repo READMEs), then uses that data (descriptions, README quotes, twitter_username, weekly trends) to drive scoring, lead-generation, and outreach messages—creating a clear path for untrusted third-party content to influence agent actions.