update-avm-modules-in-bicep

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly fetches AVM tags from the public MCR API (https://mcr.microsoft.com/...) and retrieves module docs from the public Azure GitHub repo (https://github.com/Azure/bicep-registry-modules/...) as part of its required workflow to decide updates and breaking-change actions, so untrusted third‑party content can materially influence the agent's decisions.