semantic-release

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly reads and analyzes user-generated repository content (commit messages and changed Markdown files) as part of its core workflow—see SKILL.md's "Autonomous check sequence" / commit analysis and the Documentation Linking reference which runs scripts (generate-doc-notes.mjs) that use git diffs and git pull/gh API—so untrusted third‑party contributions can influence version-bump decisions and automated post-release actions.