sparse-autoencoder-training

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). This skill explicitly loads pre-trained SAEs from public third-party sources (e.g., SAE.from_pretrained with HuggingFace "username/repo-name" releases and Neuronpedia feature pages) and then uses those loaded SAEs to encode activations and steer/alter model generation, so untrusted user-provided model artifacts can directly influence tool behavior.