upgrade-assessment

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's Phase 2 "Research" step explicitly uses WebSearch and WebFetch to ingest public web content (release notes, changelogs, and other web pages) which the agent is expected to read and interpret to drive scoring and remediation actions, exposing it to untrusted third-party content.