lamindb

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's documentation and required workflows explicitly show fetching and ingesting untrusted public web content (e.g., references/integrations.md and SKILL.md: Artifact("https://...").save(), REST API examples, and references/ontologies.md with bt.CellType.import_source() and curator.cat.lookup(public=True)), and the agent is expected to read and act on that content (loading artifacts, standardizing/annotating data, driving curation and pipeline steps), so third-party content can materially influence tool use and decisions.