sql-server-2025
Warn
Audited by Snyk on Feb 15, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). This skill includes T-SQL examples that fetch and consume arbitrary external web resources (e.g., sp_invoke_external_rest_endpoint, OPENROWSET(REST, 'https://api.example.com/customer/' + CustomerId), and CREATE EXTERNAL MODEL FROM 'https://storage.../model.onnx'). These examples ingest untrusted third-party content that the agent/database is expected to read and interpret.