nemo-curator
Warn
Audited by Snyk on Mar 28, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 1.00). The SKILL.md explicitly instructs loading and processing web-scraped public data (e.g., "Web scrape curation (Common Crawl)" and DocumentDataset.read_parquet("common_crawl/*.parquet")), so the agent ingests untrusted third-party web content that directly drives filtering, deduplication, and classifier-driven decisions.
Issues (1)
W011
MEDIUM Third-party content exposure detected (indirect prompt injection risk).