rig-migrate

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly runs cargo search rig-core --limit 1 (shown under "Latest Rig release") which fetches data from crates.io (a public third‑party source) and the workflow directs comparing that external "latest" version / checking CHANGELOGs to drive migration decisions, so untrusted third‑party content could influence agent actions.