finetuning-setup

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly queries external SageMaker hubs (via aws ListHubs and scripts/get_model_names.py which calls list_hub_contents on a hub such as SageMakerPublicHub, and scripts/get_recipes.py which calls describe_hub_content to read HubContentSearchKeywords), thereby ingesting public Hub model metadata (potentially user-published/untrusted) that the agent must read and that directly affects model/technique selection and subsequent actions.