upgrading-react-native

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill (upgrade-helper-core.md) explicitly instructs the agent to fetch and parse public, untrusted third‑party content (e.g., curl to raw.githubusercontent.com for rn-diff-purge RELEASES and raw unified diffs, and links to the Upgrade Helper UI/GitHub compare) and to use those fetched diffs to build dependency baselines and drive upgrade actions, which could allow indirect prompt-injection via externally authored content influencing tool use and decisions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill explicitly runs curl to fetch rn-diff-purge data at runtime (e.g., https://raw.githubusercontent.com/react-native-community/rn-diff-purge/diffs/diffs/<current_version>..<target_version>.diff and https://raw.githubusercontent.com/react-native-community/rn-diff-purge/master/RELEASES), and those fetched diffs are used as the canonical baseline that directly drives which changes the upgrade workflow applies, meaning remote content controls agent actions.