mistral-upgrade-migration

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's required workflow Step 2 explicitly directs reviewing public changelogs and npm/GitHub release pages (e.g., https://github.com/mistralai/client-js/releases, https://github.com/mistralai/client-python/releases and npm info/changelog), so the agent would fetch and interpret untrusted, user-visible third‑party content that can materially influence upgrade decisions and actions.