speculative-decoding

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches code and models from public third-party sources (e.g., git clone https://github.com/FasterDecoding/Medusa, https://github.com/hao-ai-lab/LookaheadDecoding, and calls to AutoModelForCausalLM.from_pretrained with Hugging Face model IDs like "meta-llama/Llama-2-70b-hf"), and even references public user-generated training data (ShareGPT_V4.3_unfiltered), so the agent will ingest and act on untrusted third-party content at runtime.