fine-tuning-expert

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's required dataset-preparation workflow (SKILL.md and references/dataset-preparation.md) explicitly loads public datasets and arbitrary Hugging Face Hub paths via load_dataset(...) and even uses public corpora like "wikitext" for calibration, meaning untrusted/user-generated third-party content is ingested and directly influences dataset validation, training, and downstream actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill includes runtime model loading from the Hugging Face Hub (e.g., "meta-llama/Llama-3.1-8B") with trust_remote_code=True, which causes code from that remote repo to be fetched and executed at runtime and is required for model loading, so this is a high-confidence runtime external-code execution risk.