transformers

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's docs explicitly instruct fetching and ingesting open third-party content—e.g., datasets.load_dataset in references/training.md, pipeline inputs that accept image URLs in references/pipelines.md, and AutoModel.from_pretrained/Hugging Face Hub downloads in SKILL.md—so the agent will read and act on untrusted, user-provided web/hub content that could carry injected instructions.