sap-btp-business-application-studio

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly instructs the agent/user to clone and operate on public or corporate Git repositories (see references/git-operations.md and templates/dev-space-setup.md), install Yeoman generators and VS Code extensions from public registries (references/development-workflow.md and service-center-and-tools.md), and consume Service Center/third‑party APIs—all of which expose untrusted, user-generated web content that the agent is expected to read and act on as part of the workflow.