molfeat

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill explicitly instructs loading pretrained models and model cards from external hubs (e.g., ModelStore.load, PretrainedMolTransformer("ChemBERTa-77M-MLM") and the "Access to transformer models through HuggingFace hub" note in references/available_featurizers.md and SKILL.md), meaning it fetches untrusted public third-party model artifacts and metadata which are ingested and can materially change downstream featurization/decisions.