release-management

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill directly ingests user-generated GitHub content (e.g., gh release --generate-notes, gh release view and git log outputs referenced in SKILL.md and implemented in scripts/release-scripts.sh and scripts/version-manager.py) and parses commit/PR titles and bodies to decide version bumps, changelogs, and release actions, so untrusted third‑party text can materially influence tool use.