cc-version-analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). Phase 1 "Research" in SKILL.md explicitly instructs the cc-version-researcher to fetch and analyze public third‑party sources (GitHub releases/issues/PRs/commits, npm registry, technical blogs & community, official docs), which are untrusted/user‑generated and whose findings are fed into later phases to drive impact analysis and ENH decisions.