clerk-upgrade-migration

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's required workflow explicitly instructs the agent to open and review public web pages (e.g., "Step 2: Review Breaking Changes" with npx open-cli https://clerk.com/changelog and https://github.com/clerk/javascript/releases), so it ingests untrusted third-party content that can change migration decisions and subsequent actions.