upgrade-assessment

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). Phase 2 ("Research") explicitly instructs the agent to use WebSearch and WebFetch to retrieve public release notes/changelogs and other open-web content about target models/versions, which the skill requires the agent to read and use to drive scoring and remediation decisions, exposing it to untrusted third‑party content.