dependency-upgrade

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's required workflow explicitly directs the agent to read public third-party sources—e.g., "Check the CHANGELOG or release notes" (Step 2), "Read the migration guide" (Step 5), and to run npm audit/equivalent advisories (Step 1)—and to act on that information, so untrusted external content can influence upgrade decisions and tool use.