deeplake

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly ingests and reads public third‑party datasets (e.g., client.ingest(..., {"_huggingface": "mnist"}) shown in SKILL.md/examples.md and LeRobot ingestion that pulls videos via git-lfs), and those ingested/queried contents are directly read/used by client.ingest(), client.query(), and client.open_table() to drive indexing, search, and training—so untrusted user-generated content could materially influence agent behavior.