deploy-folder-to-modelscope

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill prompts for or reads a ModelScope repository URL (scripts/run.py get_modelscope_url) and then runs git clone on that URL (scripts/deploy.py), meaning it fetches and operates on arbitrary public/user-controlled repository content (including .git metadata/hooks) which is untrusted and can affect subsequent git commands and runtime behavior.