upgrade-dependencies-pr

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's required workflow (SKILL.md, step 4) explicitly instructs the agent to inspect official changelogs, migration guides, and release notes from primary sources (public package websites and docs listed in references), which are untrusted third‑party web content the agent must read and that can materially influence upgrade decisions and subsequent actions.