backend-go-modernize

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's workflow explicitly directs the agent to fetch and read external public sites—e.g., "Check the latest Go version at https://go.dev/dl/" and "check the changelog on GitHub (or the project's release notes)"—and to use those third‑party pages to decide upgrades or perform code changes, which meets the conditions for consuming untrusted, user-generated web content that can influence actions.