frappe-errors-api

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill documentation and examples clearly show the agent ingesting untrusted third-party content—e.g., incoming_webhook in references/patterns.md and examples/webhooks.py (SKILL.md) which parse and act on arbitrary webhook JSON payloads, and external API calls in references/examples.md (myapp/integrations/shipping.py and api_client.py) that request and interpret responses from external services—any of which can contain instructions that influence subsequent actions.