apple-on-device-ai

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's MLX Swift and llama.cpp workflows explicitly load community-hosted models (e.g., ModelConfiguration id "mlx-community/Mistral-7B-Instruct-v0.3-4bit" and llama.cpp's modelUrl) and mention "Running Hugging Face models from mlx-community", which means it fetches untrusted public model artifacts that the agent uses at runtime and that can materially change generation and tool-invocation behavior.