experiment-pipeline

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill explicitly instructs the agent to find and run baseline code from public third-party sources (e.g., "Find the original baseline code (official repo, re-implementations...)" and "check paper, GitHub, HuggingFace Papers") in the Stage 1 Process / Stage Protocols, meaning untrusted user-generated web content would be ingested and used to drive experiment decisions and tool actions.