pulumi-upgrade-provider

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill runs upgrade-provider against arbitrary $ORG/$REPO repositories (SKILL.md Run Loop) and reads repository/PR content (e.g., gh pr view in Post-run Tasks), which are untrusted, user-generated third‑party sources that the agent must read and could influence fixes/actions.