fine-tuning-expert

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's required "Dataset preparation" workflow (SKILL.md) and the dataset reference (references/dataset-preparation.md) explicitly load external public datasets (e.g., load_custom_dataset falls back to load_dataset(path) which may fetch from the Hugging Face Hub and the calibration examples use load_dataset("wikitext", ...)), so untrusted, user-generated third-party content is ingested and directly influences training and downstream model behavior.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill uses transformers.from_pretrained to load Hugging Face model repos at runtime (e.g., meta-llama/Llama-3.1-8B -> https://huggingface.co/meta-llama/Llama-3.1-8B) with trust_remote_code=True, which causes fetching and execution of remote repository code that the skill depends on.