hugging-face-jobs

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly loads and processes public, user-contributed Hub content and arbitrary remote scripts—e.g., load_dataset(args.seed_dataset) in scripts/cot-self-instruct.py, pl.scan_parquet("hf://datasets/...") in finepdfs-stats.py, and allowing hf_jobs("uv", {"script": "https://..."} / GitHub/raw URLs) —so the agent consumes untrusted, third‑party user-generated content as part of its workflow.