llama-cpp

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly instructs downloading and loading models from public third-party sources (e.g., HuggingFace links like https://huggingface.co/models?library=gguf and TheBloke/HuggingFace model pages) which are untrusted, user-provided artifacts that the agent will ingest for inference, creating a clear vector for indirect prompt injection.