dependency-upgrade
Warn
Audited by Snyk on Mar 3, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 1.00). The skill's "Breaking Change Handling" workflow explicitly fetches public content and, in one step, executes it (e.g., "curl https://raw.githubusercontent.com/facebook/react/master/CHANGELOG.md" and jscodeshift -t https://raw.githubusercontent.com/reactjs/react-codemod/...). Both URLs point at the mutable master branch, so the agent consumes whatever those paths hold at run time. The changelog is free text that the agent interprets to decide its next actions, which is the indirect prompt injection vector: instructions embedded in that text could steer the tooling and the subsequent steps of the upgrade.
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 1.00). The skill includes runtime commands that fetch and execute remote code (e.g., npx jscodeshift -t https://raw.githubusercontent.com/reactjs/react-codemod/master/transforms/rename-unsafe-lifecycles.js). The transform is pulled from a branch ref rather than a pinned commit, and no checksum or signature is checked before jscodeshift runs it, so whatever that path contains at run time is executed with the permissions of the upgrade workflow.
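Added example, not part of the audited skill or of the react-codemod project: the same codemod step written so the transform is pinned to an immutable commit, downloaded to a local file, checked against a SHA-256 digest recorded with the playbook, and only then handed to jscodeshift by local path. The commit SHA and expected digest are placeholders to be replaced with values a reviewer has checked. The same pinning applies to the CHANGELOG fetch in W011, with the caveat that pinning fixes integrity only; the changelog text is still untrusted input to the agent and should be read as data, not as instructions.

```shell
#!/usr/bin/env sh
# Added example (not the audited skill's code): run a remote jscodeshift transform
# only after pinning it to an immutable commit and verifying its SHA-256 against a
# digest recorded in the repository. Every SHA and digest below is a placeholder.

set -eu

# A commit SHA instead of "master": a branch can point at different content
# tomorrow, a commit cannot. Placeholder value, not a real react-codemod commit.
REACT_CODEMOD_COMMIT="0123456789abcdef0123456789abcdef01234567"
TRANSFORM="transforms/rename-unsafe-lifecycles.js"
TRANSFORM_URL="https://raw.githubusercontent.com/reactjs/react-codemod/${REACT_CODEMOD_COMMIT}/${TRANSFORM}"

# Digest the team reviewed and committed next to the upgrade playbook (placeholder).
EXPECTED_SHA256="e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855"

# Print the SHA-256 hex digest of a file; works with GNU coreutils or BSD/macOS tools.
sha256_of() {
  if command -v sha256sum >/dev/null 2>&1; then
    sha256sum "$1" | awk '{print $1}'
  else
    shasum -a 256 "$1" | awk '{print $1}'
  fi
}

# Return 0 only if the file's digest equals the pinned one (hex compared case-insensitively).
verify_digest() {
  file="$1"; expected="$2"
  actual="$(sha256_of "$file")"
  if [ "$(printf '%s' "$actual" | tr 'A-F' 'a-f')" = "$(printf '%s' "$expected" | tr 'A-F' 'a-f')" ]; then
    return 0
  fi
  echo "digest mismatch for $file: expected $expected got $actual" >&2
  return 1
}

# Download to a local file, verify it, and only then give the LOCAL path to jscodeshift.
# npx never sees the URL, so a changed upstream file cannot be executed unnoticed.
run_pinned_codemod() {
  target_dir="$1"
  workdir="$(mktemp -d)"
  trap 'rm -rf "$workdir"' EXIT
  curl --fail --silent --show-error --location \
       --proto '=https' --tlsv1.2 \
       --output "$workdir/transform.js" "$TRANSFORM_URL"
  verify_digest "$workdir/transform.js" "$EXPECTED_SHA256"
  npx --yes jscodeshift -t "$workdir/transform.js" "$target_dir"
}

# Usage: ./pinned-codemod.sh ./src
if [ "${1:-}" != "" ]; then
  run_pinned_codemod "$1"
fi
```

The `verify_digest` failure path is the point of the script: a mismatch stops the run before `npx` is reached, and the only way to accept a new upstream version is to bump both the commit SHA and the recorded digest in a reviewed change.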