maui-release-notes

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill calls the dotnet-workload-info skill to fetch live NuGet.org workload manifests and constructs GitHub/NuGet release links (public third-party sources) and directly reads/compares that live data to decide whether to generate/update release-note files, so untrusted external content can influence agent actions.