data-science-interactive-apps

Warn

Audited by Snyk on Feb 16, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.70). The Gradio quick-start (predict(text) with a gr.Textbox) and mentions of deploying apps on public platforms (Hugging Face Spaces / Streamlit Community Cloud) show the skill ingests arbitrary user-provided/untrusted text at runtime, which the agent would read/interpret and could enable indirect prompt injection.

Audit Metadata

Risk Level: MEDIUM
Analyzed: Feb 16, 2026, 02:19 AM