dspy-code

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill includes explicit code/examples that load public datasets (e.g., "from datasets import load_dataset" / load_dataset("hotpot_qa") from Hugging Face) and uses retrieval components (ColBERTv2/vector DB URLs) whose content is ingested and interpreted by the RAG/optimization (GEPA) workflows, exposing the agent to untrusted third‑party/user‑generated content.