alliance-ml

Warn

Audited by Snyk on Mar 13, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.80). The skill's workflow explicitly instructs downloading and loading models and datasets from public HuggingFace (e.g., `huggingface-cli download`, `git clone https://huggingface.co/...`, and `load_dataset` examples in references/huggingface.md and vllm.md). These are untrusted, user-contributed third-party resources that the agent/user is expected to load and run, so their content can influence tool decisions and subsequent actions.

Issues (1)

W011 (MEDIUM): Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata

Risk Level: MEDIUM
Analyzed: Mar 13, 2026, 06:11 PM
Issues: 1