arize-experiment
Warn
Audited by Snyk on May 26, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). The workflow in SKILL.md explicitly exports dataset examples with "ax datasets export ... --stdout" and pipes them into the provided infer.py template which reads arbitrary example fields (e.g., "input", "question", "prompt") and uses them as model inputs, so untrusted/user-generated dataset content can directly influence model calls and downstream actions.
Issues (1)
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
Audit Metadata