lamindb

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly ingests open third-party content (e.g., references/integrations.md shows saving artifacts from arbitrary HTTP/HTTPS URLs and a REST API example like requests.get("https://api.example.com/data"), references/ontologies.md and annotation-validation.md show bt.lookup(public=True) and bt.import_source() for public ontologies, and HuggingFace/S3 examples), and those external sources are read/standardized/used in curation and downstream actions (standardize, validate, save artifacts), so untrusted public content can materially influence tool use and decisions.