arize-experiment

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). This skill's workflow explicitly runs ax experiments export (e.g., "ax experiments export ... --stdout" and produces runs.json) to ingest experiment runs from the Arize service—which contain user-generated model outputs and freeform evaluation/explanation text that the skill expects the agent to read and act on (compare scores, find regressions, and drive follow-up actions) from SKILL.md—exposing it to untrusted third-party content that could carry indirect prompt injection.