funsloth-hfjobs

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). This skill instructs fetching and consuming user-controlled public content (e.g., installing code from GitHub via the git+https://github.com/unslothai/unsloth.git dependency, downloading artifacts with huggingface_hub.snapshot_download(repo_id="{username}/funsloth-job"), and viewing WandB dashboards at https://wandb.ai/{username}/funsloth-training), which are untrusted third‑party sources the agent would read or execute as part of its workflow.