espocrm-development

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill includes explicit runtime code that ingests untrusted third-party content — e.g., references/common-tasks.md shows REST API integration using curl to external URLs and syncCustomer, a Webhook handler that parses incoming webhook payloads (no-auth webhooks) in references/common-tasks.md, and the address-autocomplete frontend view in references/custom-field-types.md which fetches suggestions from external providers like Google/Mapbox — all of which are processed and can change application behavior.