polars

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's documentation shows reading and scanning external data sources (e.g., pl.read_csv/pl.read_json/pl.read_parquet and pl.scan_parquet from s3://, az://, gs://, BigQuery and database URIs in references/io_guide.md) so the agent is expected to ingest and process arbitrary third-party files/URLs which could contain untrusted, user-provided content.