provider-upgrade-analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's Step 3 "Research Breaking Changes" explicitly instructs the agent to check public changelogs and upgrade guides (e.g., GitHub CHANGELOG.md and registry.terraform.io upgrade guide URLs), which are open/public third-party sources the agent would read and use to drive upgrade decisions.