data-engineering-storage-remote-access

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md and patterns.md contain concrete runtime code that lists, opens, and processes files from public cloud/backed stores (e.g., fsspec/pyarrow/obstore access to s3://, gs://, http:// paths shown in the "Quick Start", "Incremental Loading", "Cross-Cloud Copy" and related examples), which requires the agent to read and act on arbitrary third-party storage content that could contain untrusted instructions.