huggingface

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill explicitly loads and runs models from the public Hugging Face Model Hub and API (e.g., AutoTokenizer.from_pretrained / pipeline model names and the API_URL inference call), which are public, user-contributed assets whose outputs/content are untrusted and can be ingested by the agent at runtime.