dagster-integrations

Warn

Audited by Snyk on Feb 24, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). The skill's dagster-dbt component-based integration (references/dagster-dbt/component-based-integration.md) explicitly supports remote Git repositories and "automatically clones the repository and compiles the manifest" so the agent will fetch and parse arbitrary third-party repo content (manifest.json, dbt project files) that can directly determine asset creation and runtime behavior.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

  • Potentially malicious external URL detected (high risk: 0.80). The Component-Based Integration docs specify a runtime git clone of the remote repo (example: https://github.com/org/dbt-project.git) which is fetched during "dg utils refresh-defs-state" and used to compile/run dbt manifests (executing templating/macros), so this external URL is used at runtime and can cause execution of remote code.

Audit Metadata

Risk Level: MEDIUM
Analyzed: Feb 24, 2026, 12:53 AM