frappe-enterprise-patterns

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill includes explicit integration patterns that fetch and process external, potentially user-generated content—e.g., references/integration-patterns.md shows BaseConnector.request calling arbitrary external endpoints, sync_external_tickets fetching external tickets, and webhook_receiver handling incoming webhook payloads—so the agent would read and act on untrusted third-party content.