ray

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly says it "automatically fetches relevant documentation" and instructs using "WebFetch" and "WebSearch" to pull docs from docs.ray.io, HuggingFace, PyTorch, GitHub issues and other community sources, which are open/public third‑party pages the agent will read and interpret.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). The skill explicitly says it will "Always reference Ray docs: Use WebFetch to get up-to-date info from https://docs.ray.io" and to automatically fetch relevant documentation at runtime, which means external content from https://docs.ray.io can directly influence the agent's prompts/responses.