modal-serverless-gpu

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill's documentation includes explicit runtime examples that fetch and ingest arbitrary public content — e.g., the fetch_data(url: str) example using aiohttp in references/advanced-usage.md and examples downloading models/code from GitHub/Hugging Face (AutoModel.from_pretrained, pip_install "git+https://...") — which demonstrate reading untrusted third-party content as part of the runtime workflow and could therefore influence downstream processing or actions.