fix-security-vulnerability

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.75). In scan-all mode, the skill calls gh api repos/getsentry/action-release/dependabot/alerts --paginate ... and gh api repos/getsentry/action-release/dependabot/alerts/<number>; the returned Dependabot alert fields (e.g., .security_advisory.summary / description) are outsider-authored free text from GitHub Dependabot and are ingested into the agent’s context for analysis.