sapui5-cli

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill's workflows explicitly instruct fetching and using public, user-generated content (e.g., "git clone https://github.com/SAP/openui5-sample-app.git" and downloading hyperfine releases in references/benchmarking.md, plus npm/GitHub links throughout SKILL.md and refs), meaning the agent would ingest untrusted third‑party repositories/artifacts that can materially influence build/tool behavior.