idempiere-2pack

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's required workflow ingests and executes user-supplied ZIP packages (attachments and automatic folder pack‑ins) — e.g., PackInProcess takes an attachment (PackInProcess.java:76) and PackInFolder / PackInApplicationActivator support automatic packin from folders — and those packages can contain executable elements (SH, SCJ/JSR223, SQL) that the import/handlers parse and run, so untrusted third‑party content can materially change behavior.