vp-deps-upgrade

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly ingests external, untrusted content — e.g., querying GitHub PRs/releases with gh pr view / gh api repos/{owner}/{repo}/releases, parsing PR titles/bodies (deps-bot-handling.md), and using Context7 query-docs and public changelogs — and then interprets that content to decide migration steps and run tools, so third-party text can materially influence actions.