update-dependencies

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The SKILL.md Phase 3 "Research Each Major Version" explicitly instructs using WebSearch/WebFetch to locate migration guides, GitHub releases, changelogs, and repository issues (public web sources and user-generated content) and to extract breaking changes that will drive upgrade decisions, so the agent will ingest and act on untrusted third‑party content.