hugging-face-cli

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill uses the public Hugging Face Hub and explicitly fetches user-generated content (e.g., commands like "hf download <repo_id>", "hf models info", "hf datasets info", "hf spaces info"/"hf spaces ls") so the agent would ingest and read untrusted third-party files and metadata from the open web.