dependency-analyzer

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's SKILL.md execution steps explicitly instruct the agent to "Trigger web search (Exa/WebFetch) to research breaking changes" and to "Check changelogs" and "Review release notes" (public third-party webpages/package registries), meaning the agent will fetch and interpret untrusted external content that can influence update decisions.