odoo

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill connects to arbitrary Odoo instances specified by ODOO_URL and routinely performs reads/calls (e.g., client.searchRead, client.read, client.call and CLI odoo records operations shown across base/crud.md, base/introspection.md and cli/records.md), meaning it ingests user-generated, third-party Odoo data which the agent is expected to interpret and which can directly drive actions like writes, module installs, or state apply.