huggingface-tool-builder

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's scripts (e.g., hf_model_papers_auth.sh, hf_model_card_frontmatter.sh, hf_enrich_models.sh, and baseline_hf_api.*) explicitly fetch and parse public Hugging Face API endpoints and raw model README files (e.g., https://huggingface.co/api/models and https://huggingface.co/$model_id/raw/main/README.md), which are untrusted, user-generated content that the tool reads and interprets as part of its workflow and can influence subsequent outputs or actions.