ml-systems

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill includes concrete runtime code in data-engineering (DataCollector.collect) that performs requests.get(source.connection["url"]) and uses dvc.api.get_url (public GitHub) and also calls transformers.from_pretrained in dnn-architectures to download external models—showing the agent would fetch and ingest arbitrary/public third‑party content (URLs, repos, model hubs) that could materially influence subsequent processing or actions.