geniml

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly fetches public, user-provided BED files via BBClient (references/utilities.md shows client.load_bed and SKILL.md mentions "Use BBClient for accessing remote BED repositories / BEDbase") and also references loading pre-trained models from Hugging Face, so untrusted third‑party content is ingested and used in tokenization/training/search workflows and can materially influence tool behavior.