hubspot-upgrade-migration

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The SKILL.md explicitly instructs checking public changelogs and package data (Step 1: npm view @hubspot/api-client ...) and references external resources (GitHub CHANGELOG, HubSpot API docs) that the agent would need to read/interpret to determine upgrade/migration actions, so it ingests public third-party content that could influence behavior.