dependency-upgrade

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly instructs fetching public changelogs (e.g., curl https://raw.githubusercontent.com/facebook/react/main/CHANGELOG.md) and tells the user/agent to read CHANGELOG.md/MIGRATION.md and use changelog parsers, which means it consumes untrusted, user-generated content from public third‑party sources as part of its workflow.