breaking-changes

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's required Detection Workflow explicitly instructs the agent to "Fetch latest Claude Code API docs" (SKILL.md step 2) and the api-surface.md lists use of curl (e.g., fetch-changelog.sh), which means the agent ingests external third‑party documentation and uses it to drive diffs and remediation decisions, exposing it to untrusted content that could influence tool actions.