vercel-prod-checklist

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). Flagged because the SKILL.md explicitly instructs fetching and interpreting live public URLs (e.g., Step 4 "Post-Deploy Health Checks" uses curl against https://yourdomain.com and Step 5/Implementation pre-flight checks curl https://staging.example.com and https://www.vercel-status.com), which are untrusted external content that the workflow uses to decide rollbacks/promotions.