sap-business-one-servicer-layer-sql

Fail

Audited by Snyk on Mar 2, 2026

Risk Level: HIGH
Full Analysis

HIGH W007: Insecure credential handling detected in skill instructions.

  • Insecure credential handling detected (high risk: 0.90). The skill explicitly instructs building POST /Login requests with CompanyDB/UserName/Password and reusing the session cookies (B1SESSION/ROUTEID) on subsequent requests. Because the LLM is the one composing those requests, the secret credentials and cookie values must pass through it verbatim, so they land in the model's context window and in any prompt logs or transcripts rather than staying in a credential store.
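The usual fix is to keep the secrets on the tool side: a wrapper performs the login, holds the cookies, and hands the model only redacted text. The following is an added example of that pattern, not code from the Snyk audit or from the skill itself. The /Login path, the CompanyDB/UserName/Password fields and the B1SESSION/ROUTEID cookie names come from the finding above; the injectable transport, the constructed fake_service_layer host, the SL_* environment variable names and every sample value are assumptions made so the example runs offline.

```python
import json
import os
from http.cookies import SimpleCookie
from typing import Callable, Dict, List, Tuple

# Transport signature: (method, url, headers, body) -> (status, Set-Cookie values, body).
# It is injected so the example runs offline; a real deployment wraps urllib or requests here.
Transport = Callable[[str, str, Dict[str, str], bytes], Tuple[int, List[str], bytes]]

SESSION_COOKIES = ("B1SESSION", "ROUTEID")  # cookie names from the audit finding
REDACTED = "[REDACTED]"


class ServiceLayerSession:
    """Holds the password and session cookies; only redacted text ever leaves this object."""

    def __init__(self, base_url: str, transport: Transport) -> None:
        self.base_url = base_url.rstrip("/")
        self._transport = transport
        self._cookies: Dict[str, str] = {}
        self._secrets: List[str] = []

    def _remember(self, value: str) -> None:
        if value and value not in self._secrets:
            self._secrets.append(value)

    def redact(self, text: str) -> str:
        """Replace every known secret; longest first so a prefix never unmasks a longer value."""
        for secret in sorted(self._secrets, key=len, reverse=True):
            text = text.replace(secret, REDACTED)
        return text

    def login(self, company_db: str, user_name: str, password: str) -> str:
        """POST /Login with the three fields the skill names; returns the redacted response body."""
        self._remember(password)
        body = json.dumps({"CompanyDB": company_db, "UserName": user_name, "Password": password}).encode()
        status, set_cookies, raw = self._transport(
            "POST", self.base_url + "/Login", {"Content-Type": "application/json"}, body)
        if status != 200:
            raise RuntimeError(f"Login failed with HTTP {status}")
        for header in set_cookies:
            jar = SimpleCookie()
            jar.load(header)
            for name, morsel in jar.items():
                if name in SESSION_COOKIES:
                    self._cookies[name] = morsel.value
                    self._remember(morsel.value)
        # The JSON body repeats the session id, so it is a secret too.
        self._remember(str(json.loads(raw).get("SessionId", "")))
        return self.redact(raw.decode())

    def get(self, path: str) -> str:
        """Reuse the stored cookies on a follow-up request without exposing them to the caller."""
        if not self._cookies:
            raise RuntimeError("not logged in")
        cookie_header = "; ".join(f"{k}={v}" for k, v in self._cookies.items())
        status, _, raw = self._transport("GET", self.base_url + path, {"Cookie": cookie_header}, b"")
        if status != 200:
            raise RuntimeError(f"GET {path} failed with HTTP {status}")
        return self.redact(raw.decode())

    def has_cookie(self, name: str) -> bool:
        return name in self._cookies


def fake_service_layer(method: str, url: str, headers: Dict[str, str], body: bytes):
    """Constructed stand-in for a Service Layer host (not real SAP behaviour) so the example runs offline."""
    if method == "POST" and url.endswith("/Login"):
        creds = json.loads(body)
        if creds.get("Password") != "s3cr3t-pw":
            return 401, [], b'{"error": {"message": {"value": "Login failed"}}}'
        return 200, [
            "B1SESSION=9f2c4e1a8b7d; Path=/b1s; HttpOnly",
            "ROUTEID=.node1; Path=/b1s",
        ], b'{"SessionId": "9f2c4e1a8b7d", "Version": "1000190", "SessionTimeout": 30}'
    if method == "GET" and "B1SESSION=9f2c4e1a8b7d" in headers.get("Cookie", ""):
        return 200, [], b'{"value": [{"CardCode": "C20000", "CardName": "Example Customer"}]}'
    return 401, [], b'{"error": {"message": {"value": "Invalid session"}}}'


def login_from_env(transport: Transport) -> ServiceLayerSession:
    """Credentials come from the process environment (variable names assumed here), not from the model."""
    session = ServiceLayerSession(os.environ["SL_BASE_URL"], transport)
    session.login(os.environ["SL_COMPANY_DB"], os.environ["SL_USER"], os.environ["SL_PASSWORD"])
    return session


if __name__ == "__main__":
    os.environ.update({"SL_BASE_URL": "https://sl.example.test/b1s/v1", "SL_COMPANY_DB": "SBODEMOUS",
                       "SL_USER": "manager", "SL_PASSWORD": "s3cr3t-pw"})
    sl = login_from_env(fake_service_layer)
    print(sl.get("/BusinessPartners?$top=1"))
```

With this layout the agent's tool surface is login_from_env() plus get(); the password, the SessionId and both cookies are stored in the wrapper and scrubbed from every string it returns, so the model can drive the session without ever being able to quote the secrets.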

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.70). The skill explicitly requires a user-supplied BASE_URL and instructs the agent to "Read /{service-root}/$metadata before shaping requests" and to consult the official SAP PDF (https://help.sap.com/...) as a real-time source. The agent therefore fetches and interprets content it does not control (metadata served from whatever host BASE_URL points at, or public documentation) and lets that content steer how later requests are constructed and which actions are taken, which is the precondition for indirect prompt injection.

MEDIUM W013: Attempt to modify system services in skill instructions.

  • Attempt to modify system services in skill instructions detected (high risk: 1.00). The skill explicitly instructs reading and editing the Service Layer configuration file (ServiceLayer/conf/b1s.conf) and changing runtime configuration (e.g., enabling CORS). These are state-changing operations on the host that typically require elevated privileges, and the example given (enabling CORS) widens the service's cross-origin exposure rather than merely adjusting the agent's own behaviour.

Audit Metadata

Risk Level: HIGH
Analyzed: Mar 2, 2026, 04:42 PM