hugging-face-cli

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill fetches and displays content from the public Hugging Face Hub (e.g., via hf download, hf models info, hf datasets info, hf spaces info and listing commands), which hosts user-generated models/datasets/spaces and therefore exposes the agent to untrusted third-party content that could contain injected instructions.