daft-udf-tuning

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md "Quick Recipes" includes an "Async I/O (Web APIs)" code example that uses aiohttp to fetch arbitrary URL text (web pages/APIs), which clearly shows the skill consuming untrusted third-party web content as part of its workflow and that content could influence downstream UDF behavior.