polars

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). This skill's Data I/O documentation and examples (e.g., pl.read_csv/pl.read_json, pl.scan_csv and explicit mentions of cloud storage S3/Azure/GCS and Google BigQuery) show the agent will read/ingest arbitrary external files and datasets, which are untrusted third-party content the agent would interpret as part of its workflow.