datasets-loading

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL explicitly provides download utilities and dataset loader signatures that accept arbitrary URLs (see "Caching and download utilities" and "Key function signatures" / reference.md: download_data, download_data_requests, get_adata and e.g. ov.datasets.paul15(url=..., ...) and ov.datasets.dentate_gyrus(url=...)), which download and ingest untrusted public files into the agent's analysis workflow and can materially influence subsequent actions.