geniml

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). Yes — the skill includes BBClient which fetches and caches BED files from public BEDbase/GEO (e.g., client.load_bed('GSM123456')) and also ingests user-provided BED files and metadata CSVs (and references public pre-trained models on Hugging Face) as part of tokenization/training/search workflows, so it clearly consumes untrusted third-party content.