modernize-ui5-app
Warn
Audited by Snyk on May 12, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.80). The skill's Self-help "Pattern A" explicitly tells the agent to WebFetch public npm and GitHub README pages (e.g., "WebFetch: https://www.npmjs.com/package/" and "https://github.com//") and to read those external, user-authored docs to decide middleware configuration keys, so it ingests untrusted third‑party content that can materially change configuration and downstream actions.
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 0.80). The skill explicitly invokes the external UI5 MCP endpoint mcp__SAPUI5_MCP_Server__get_typescript_conversion_guidelines (and related mcp__sap-docs__* MCP calls configured via .cursor/mcp.json) at runtime and relies on the returned guidelines to drive conversion instructions, so that external endpoint can directly control the agent's behavior.
Issues (2)
- W011 (MEDIUM): Third-party content exposure detected (indirect prompt injection risk).
- W012 (MEDIUM): Unverifiable external dependency detected (runtime URL that controls agent).