pull-llamacpp-model

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's required workflow (SKILL.md) instructs the agent to run "harbor pull <hf-owner/model-repo:quantization>" and example HuggingFace repos, which downloads and runs externally hosted, user-provided model files (untrusted third-party content) used for llamacpp inference and therefore can directly influence the agent's outputs and behavior.