supplier-management

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill accepts and parses arbitrary supplier-uploaded Excel/CSV pricelists via the POST /api/suppliers/pricelists/upload endpoint and the File Upload Processing flow, meaning it ingests untrusted third-party (supplier/user-provided) content for interpretation and merging.