revenuecat-migrate

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly instructs the agent to read canonical SDK repos and changelogs on GitHub (e.g., the links in platforms/android.md and platforms/ios.md to https://github.com/RevenueCat/.../CHANGELOG.md and the repo releases/migration guides), so the agent is expected to fetch and act on public third‑party content that can change its migration actions.