supabase-prod-checklist

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's implementation guide (references/implementation.md) instructs the agent/operator to fetch public URLs (e.g., "curl -f https://staging.example.com/health" and "curl -s https://status.supabase.com") and to base rollout decisions on those external responses, which means untrusted third‑party web content is read and can materially influence actions.