supabase-upgrade-migration

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The implementation guide explicitly directs the agent to "Review Changelog" by opening the public GitHub releases page (references/implementation.md Step 2: open https://github.com/supabase/sdk/releases), which is untrusted, user-authored third-party content the agent would read and that can materially influence upgrade actions.