hugging-face-evaluation

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.75). The required runtime workflow fetches outsider-authored free text from public Hugging Face model cards/leaderboards via curl (e.g., curl .../raw/main/README.md and curl .../api/datasets/.../leaderboard), which is then parsed/extracted and can be incorporated into the agent’s LLM context for processing.