ai-infrastructure-replicate

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly accepts and processes untrusted third-party content — e.g., passing arbitrary public URLs as model inputs (examples/core.md "URL Input"), running community/public models from replicate.com/explore, and consuming prediction outputs/webhook payloads (examples/streaming-webhooks.md) — which the agent is expected to read and can materially influence subsequent actions.