vaex-dataframes

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly documents loading untrusted external data and pipeline/state files from third-party locations (e.g., vaex.open('s3://...'), vaex.open('ws://server-host:9000/...') and df.state_load('/tmp/pipeline.json') in the "Cloud Storage / Vaex Server" and "State Files (Pipeline Persistence)" sections), and those state/pipeline JSONs and remote DataFrames are parsed/applied by Vaex (creating virtual columns, ML transformers, selections, and predictions), so external, user-generated content would be interpreted as part of the workflow and could materially change subsequent computations or actions.