upgrade-assessment

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). Phase 2 "Research" explicitly instructs the agent to use WebSearch and WebFetch to retrieve public release notes, changelogs, and web pages (untrusted third-party content) and to read/interpret those results to inform scoring, findings, and recommendations that drive upgrade decisions.