modal

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). SKILL.md explicitly includes code that fetches and ingests arbitrary public web content (the async fetch(url) example using httpx.get under "For IO-bound or batchable workloads") and also shows downloading from Hugging Face (snapshot_download), so the skill instructs workflows that read untrusted third‑party content which can materially influence behavior.