fiftyone-create-notebook
Warn
Audited by Snyk on Mar 11, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.85). The skill's mandatory workflow repeatedly instructs the agent to fetch and use the live API text at https://docs.voxel51.com/llms.txt (see SKILL.md Directive 9 and multiple "Fetch API documentation" steps). This is a public third‑party URL that the agent is required to read and use to shape generated code and actions, so it exposes the agent to untrusted third‑party content that could inject instructions indirectly.
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 1.00). The skill explicitly instructs fetching https://docs.voxel51.com/llms.txt at runtime (via WebFetch) as the authoritative source for API patterns used to generate notebook code, so external content would directly control the agent's generated prompts/code and is treated as a required dependency.
Audit Metadata