huggingface-hub

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill includes code and guidance that directly fetches and loads arbitrary public Hub content (e.g., hf_hub_download / snapshot_download, load_dataset and hf:// dataset paths, API endpoints like https://huggingface.co/api/models or /datasets, and Space embedding examples), which are user-generated/untrusted and the agent is expected to read/iterate as part of its workflows.