gepa-demo

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly directs cloning a public GitHub repo (https://github.com/raveeshbhalla/dspy-gepa-logger.git) and inspects/loads arbitrary CSV/JSON/JSONL dataset files from the current/user-specified folder (user-provided or third‑party) which the agent is expected to read and interpret as part of its workflow, exposing it to untrusted third-party content.