erpnext-syntax-controllers

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill includes code that fetches and ingests data from external, public APIs (e.g., ExternalProduct.load_from_db and ExternalProduct.get_list calling https://api.external-system.com/products and the example external validation request to https://api.external.com/validate), so the agent would read and process untrusted third-party content at runtime.