find-models

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly instructs fetching and reading public per-model docs (https://replicate.com/{owner}/{model}/llms.txt) and model schemas from the Replicate API—content that can be community-authored/untrusted—and requires the agent to interpret that content to choose inputs and run models, so third‑party text could alter agent actions.