llm-fine-tuning

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's main workflow (Quick Start and Axolotl config) explicitly loads external datasets (e.g., load_dataset("your-org/your-dataset") and dataset types like "alpaca"/"sharegpt") from public sources such as Hugging Face, which are user-generated/untrusted and are ingested and used to train models, therefore able to materially influence behavior.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). The Kubernetes job uses the external container image nvcr.io/nvidia/pytorch:24.05-py3 which will be pulled and executed at runtime (running remote code) and is required for the training job, so it is a runtime external dependency that can execute remote code: nvcr.io/nvidia/pytorch:24.05-py3.