llama-cpp

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The convert_lora_to_gguf.py workflow's ensure_llama_cpp_source step explicitly git-clones the public llama.cpp repo from GitHub (https://github.com/ggerganov/llama.cpp) and then invokes the fetched convert_hf_to_gguf.py converter, meaning the skill fetches and executes public third‑party code that can materially change tool behavior.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The convert_lora_to_gguf.py script will auto-clone and run code from https://github.com/ggerganov/llama.cpp.git at runtime (it runs git clone and then executes convert_hf_to_gguf.py from that repo), meaning remote code is fetched and executed as a required dependency.