polars-bio

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's core I/O and SQL workflows explicitly ingest arbitrary third-party files/URLs (see references/file_io.md and references/sql_processing.md — e.g., pb.read_bed("s3://bucket/regions.bed", allow_anonymous=True), pb.scan_vcf, pb.register_vcf) and then parse and use that data in interval operations and SQL queries, so untrusted public content can be read and materially influence subsequent processing.