replicate-integration

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill accepts and forwards arbitrary external URLs for training (train_lora(images_zip_url)) and ingests/reads untrusted Replicate API responses (prediction.logs, payload["output"] in webhooks and prediction outputs), which are third-party/user-provided content the agent parses as part of its workflow.