provider-upgrade

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's diagnostic toolbox (references/diagnostic-toolbox.md) explicitly instructs the agent to fetch and read open web upgrade guides (e.g., "site:pulumi.com..."), Terraform registry pages, GitHub issues, and even download and run schema-tools from GitHub—public third‑party content that the agent must interpret to classify diffs and decide upgrade actions.