polars

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). This skill's I/O documentation shows the agent reading arbitrary external files and data sources (e.g., pl.read_csv / pl.scan_csv, pl.read_json / pl.read_ndjson, pl.read_parquet and scan_parquet from s3://, az://, gs:// paths, and read_database_uri), which clearly ingests untrusted/user-provided third‑party content that the agent is expected to read and process.