sn-sdk-setup

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's workflow explicitly downloads and ingests application metadata from arbitrary ServiceNow instances (e.g., "now-sdk init --from <sys_id> --auth ", "now-sdk download --auth dev", and subsequent "now-sdk transform" steps described in references/convert-existing-app.md and setup-workflows.md), which are untrusted third-party sources whose XML/user-authored content the agent is expected to read and act on, potentially altering tool behavior or deployment decisions.