speculative-decoding

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly instructs fetching code and models from public third‑party sources (e.g., git clone https://github.com/FasterDecoding/Medusa, https://github.com/hao-ai-lab/LookaheadDecoding, and AutoModelForCausalLM.from_pretrained("meta-llama/...") which pulls models from Hugging Face), so the agent is expected to ingest untrusted external content that can materially influence generation and subsequent tool decisions.