anthropic-sdk-upgrader

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's required workflow explicitly instructs the agent to read and consolidate GitHub release notes from the public pages (e.g., https://github.com/anthropics/claude-agent-sdk-typescript/releases and https://github.com/anthropics/anthropic-sdk-typescript/releases), which are open third‑party content the agent must interpret to decide migration steps and code changes, creating a clear avenue for indirect prompt injection via those release note contents.