erpnext-errors-api

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill explicitly makes and parses responses from external, potentially arbitrary HTTP endpoints (see "External API Pattern" in SKILL.md with requests.post(endpoint, ...) and the ShippingAPI class in references/examples.md which uses self.base_url from settings), and also parses incoming webhook payloads (stripe_webhook), so untrusted third‑party content is ingested and directly influences application logic and actions.