atc-model-converter

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's SKILL.md explicitly instructs the user/agent to download and install third‑party packages (e.g., wget URLs to aisbench.obs.myhuaweicloud.com and a git clone from https://gitee.com/ascend/tools.git in the "Install ais_bench" section), which are public/untrusted sources and are required by the workflow so their code/content can materially influence tool behavior.