geoparquet-validation

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's instructions and command examples (notably in references/gpio-commands.md and the SKILL.md workflow) explicitly show using gpio to read from open URLs, S3 buckets, ArcGIS Feature Services, and BigQuery (e.g., "gpio inspect https://example.com/data.parquet", "gpio extract arcgis https://...", "gpio inspect s3://..."), meaning the agent is expected to ingest untrusted third‑party content whose contents can change validation/processing steps and subsequent tool use.