data-engineering

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's Data Collection code explicitly calls requests.get(source.connection["url"]) (allowing arbitrary API/URL inputs) and the Data Versioning example uses dvc.api.get_url(... repo='https://github.com/org/repo'), meaning the agent can fetch and interpret untrusted public web/API content that can influence downstream decisions.