geniml

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). Yes — the skill explicitly fetches and ingests public third‑party data (e.g., BBClient.load_bed from remote BEDbase repositories like client.load_bed(bed_id='GSM123456') and downloading pre-trained models from Hugging Face), so the agent will read and interpret untrusted/user‑generated content as part of its workflows.