sap-cloud-sdk-ai

Warn

Audited by Snyk on Mar 4, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). The skill's bundled agentic-workflows and orchestration docs (e.g., references/agentic-workflows.md and references/orchestration-guide.md) show agents and tools that fetch public URLs and APIs (for example, the open-meteo fetch in agentic-workflows.md, grounding from help.sap.com, and arbitrary image URLs) and then feed those third-party results into the model or workflow (document grounding, tool calls, RAG). Untrusted external content is therefore ingested and can materially influence actions.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Mar 4, 2026, 07:37 PM