customerio-upgrade-migration

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill's required Step 2 ("Review Breaking Changes") and the Resources section explicitly direct the workflow to read the public Customer.io changelog (https://customer.io/docs/changelog/) and GitHub releases (and the scripts use npm/pip queries), meaning the agent is expected to ingest open third-party content that can materially change migration actions.