arize-dataset

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill instructs the agent to fetch and inspect Arize dataset contents (e.g., "ax datasets export ... --stdout" and the "Append Examples" / "Schema validation before append" workflow in SKILL.md), which exposes arbitrary user-defined example data from the Arize service (untrusted/user-generated) that the agent is expected to read and that can influence subsequent actions, so it meets the indirect prompt-injection criteria.