dependency-update
Warn
Audited by Snyk on Mar 1, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.80). The skill instructs the agent to query public advisory sources (GitHub Advisory Database, NVD) and to fetch release notes/changelogs from third‑party websites as part of "Check Security Advisories" and "Research Breaking Changes," so it will ingest untrusted public content that can influence update decisions and PR creation.