spice

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly fetches and ingests third‑party content as part of its core workflow — e.g., spice_model_cache.get_model_for_part (and SKILL.md) describe querying distributor APIs (LCSC, DigiKey, Mouser, element14) via spice_spec_fetcher and performing structured/datasheet PDF extraction from /datasheets/, and those externally-sourced specs are used to generate behavioral SPICE models that directly affect simulation results and subsequent pass/warn/fail decisions.