deps-migrate

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's Phase 3 and context7-integration.md explicitly instruct the agent to query external documentation and "community resources" (e.g., Context7 query-docs and web migration guides) and then use those results to build API mappings and decide migration actions, which means it ingests untrusted third-party content that can influence tool use and next steps.