beaver-release-skills

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill explicitly ingests user-generated repository data and remote GitHub data as part of its required workflow (Step 2 reads commit history and detects "BREAKING CHANGE" from git log; Step 4 calls the GitHub CLI e.g. "gh pr view --json author" and "gh repo view ..." to identify contributors), so untrusted third-party content can influence version-bump decisions and changelog generation.