tinker

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's recipes and dataset builders explicitly load public HuggingFace datasets (e.g., datasets.load_dataset("HuggingFaceH4/no_robots", "openai/gsm8k", "open-thoughts/OpenThoughts3-1.2M") and similar) and fetch images from arbitrary URLs via requests.get, so it ingests untrusted, user-generated third-party content that the agent reads and processes for training and inference.