migrate-provider

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly mandates mandatory Phase 4 smoke tests and adapter verification that run gcx against a live Grafana instance and external provider APIs (e.g., the Phase 4 shell snippets like "GCX_AGENT_MODE=false gcx --context=$CTX {resource} list -o json" and references to external domains such as api.k6.io / plugin-proxy paths), so the agent will fetch and interpret untrusted/external API responses which directly influence gating and subsequent actions.