coderabbit-upgrade-migration

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's required workflow explicitly tells the agent to "Review Changelog" by opening the public GitHub releases page (https://github.com/coderabbit/sdk/releases) and links external migration docs (https://docs.coderabbit.com/migration), meaning it fetches and interprets untrusted third-party content that can materially influence upgrade actions.