hugging-face-space-deployer

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly downloads and inspects content from the public Hugging Face Hub (model pages, README.md, adapter_config.json, model weights, and even uses the Inference API for model responses), which are open/public and potentially user-generated, so the agent would read and act on untrusted third-party content.