merge-renovate-pull-requests

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's SKILL.md explicitly instructs the agent to fetch and inspect Renovate pull request descriptions via the GitHub CLI and to read dependency changelogs and migration guides from GitHub or other public docs (e.g., "You may use the GitHub CLI to get fetch pull requests" and "The breaking changes... can be found in the pull request description or in the changelog of the GitHub repo"), which are untrusted, user-generated third‑party content that the agent is expected to interpret and that can influence merge decisions and actions.