sf-integration

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's External Services registration workflow (SKILL.md and references/integration-reference.md) explicitly instructs providing an OpenAPI 3.0 spec "paste, upload, or URL" so the agent would ingest and parse arbitrary third‑party OpenAPI specs from external URLs, exposing it to untrusted content that can drive generated actions.