sap-fiori-tools

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly instructs the agent to connect to arbitrary backend OData services and URLs and to read service metadata and annotation files (see Preview -> Live Data and ui5.yaml proxy/backend configuration, and the Service Modeler/Service Metadata descriptions in SKILL.md and references/preview.md/references/service-modeler), so untrusted third‑party content can be ingested and materially influence generation, preview, and deployment actions.