frappe-tweaks-power-query-expert

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's Power Query M examples (SKILL.md and references/long-polling-power-query-example.md) explicitly instruct calling arbitrary BaseUrl endpoints via Web.Contents (start_job/check_status/get_result and frappe.desk.reportview.get) and parsing JSON responses (job IDs, columns, labels, fieldtypes), which are untrusted third-party responses that the agent must read and that materially control polling, subsequent requests, and transformations.