hugging-face-evaluation

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly loads and parses README content from arbitrary Hugging Face model repositories via ModelCard.load (extract-readme / inspect-tables) and fetches data from the public Artificial Analysis API and Hugging Face discussions endpoints (import-aa, get-prs), so it ingests untrusted, user-provided third‑party content that the agent reads and interprets as part of its workflow.