high-performance-inference

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly downloads and ingests untrusted public content—e.g., scripts/quantization-config.py loads calibration data from public HuggingFace datasets like "allenai/c4" and other community datasets, the edge/offline docs call huggingface_hub.snapshot_download for remote models, and scripts/vllm-server.py accepts arbitrary HuggingFace MODEL_NAME with trust_remote_code=True—so the agent will read and execute or use third‑party user-generated content as part of its workflow.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The vLLM server code loads HuggingFace model repositories at runtime (e.g., https://huggingface.co/meta-llama/Meta-Llama-3.1-8B-Instruct) and explicitly sets trust_remote_code=True, which permits executing code from the remote repo during model load — a required runtime dependency that can execute remote code.