mindspeed-llm-pipeline

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's required workflow explicitly downloads and ingests untrusted, user-contributed model weights and datasets from public sources (e.g., multiple wget lines fetching files from https://huggingface.co/ including the tatsu-lab/alpaca dataset and model safetensors, plus external gitcode.com references) which are then read/processed as part of the preprocessing/training pipeline and can materially influence downstream model behavior and actions.