huggingface-best

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly instructs the agent to fetch and parse public Hugging Face benchmark datasets, leaderboards, and model cards via curl calls to https://huggingface.co/api/... (Steps 2–4), which are user-contributed/untrusted third‑party content that the agent reads and uses to rank and recommend models.