voltsp

Warn

Audited by Snyk on Mar 7, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). The skill's documentation and required workflow fields show that the runtime will fetch and execute external, potentially untrusted resources, for example:
      • references/plugins/processors/javascript.md and python.md allow scriptUrl URIs
      • references/plugins/processors/java.md allows sourceUri
      • references/plugins/processors/onnx.md and pipeline-kinds/onnx-mlflow-hot-reload.md allow modelUri/MLflow trackingUri
      • kubernetes.md even adds a public Helm repo
    This means third-party URLs can supply code/models that the pipeline will load and execute as part of normal operation.

Audit Metadata

  • Risk Level: MEDIUM
  • Analyzed: Mar 7, 2026, 11:31 AM