verl-rl-training

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's required workflows explicitly ingest external, public artifacts — e.g., data.train_files (parquet datasets with 'prompt'/'reward_model' columns) and base models from the HuggingFace Hub (actor_rollout_ref.model.path / "Base model from HuggingFace Hub"), and it loads tool/config files (tool_config_path) that the training/rollout loop reads and uses to drive generation, rewards, and tool-calling, so untrusted third‑party content can materially influence runtime behavior.