update-v8

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill instructs the agent to fetch and use public third‑party content (e.g., checking chromiumdash.appspot.com for the target V8 version, curling the GitHub tarball https://github.com/v8/v8/archive/refs/tags/<new_version>.tar.gz to compute INTEGRITY, and running build/deps/update-deps.py which fetches latest dependency releases), so untrusted web content would be read and can materially influence decision/actions during the update.