hugging-face-object-detection-trainer

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). This skill explicitly fetches and inspects public Hugging Face Hub datasets and model repos as part of its workflow (see SKILL.md "Validate dataset" step and scripts/dataset_inspector.py which calls https://datasets-server.huggingface.co/rows and load_dataset), meaning untrusted, user-generated content is read and used to decide preprocessing and job-submission actions — creating a clear pathway for indirect prompt injection.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.70). The training script's PEP 723 dependencies list includes "transformers @ git+https://github.com/huggingface/transformers.git", which will be fetched/installed at job runtime (pip/git install) and thus executes remote code as a required dependency.