transformers-js

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly loads models and runtime assets from public third-party sources (e.g., Hugging Face Hub and CDN imports shown in SKILL.md and references — pipeline('task', 'model-id'), env.allowRemoteModels/env.remoteHost, and CDN URLs like jsdelivr), meaning untrusted user-uploaded models and remote files are fetched and their behavior can directly influence generated outputs and subsequent actions.