bids
Warn
Audited by Snyk on May 18, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.80). This skill explicitly includes and documents a runtime updater (scripts/update_schema.py) that fetches the BIDS schema from https://bids-specification.readthedocs.io/en/stable/schema.json and the BEPs YAML from https://raw.githubusercontent.com/bids-standard/bids-website/main/data/beps/beps.yml (see SKILL.md and scripts/update_schema.py). As a result, the agent ingests public, user-maintained third-party content that the skill relies on to decide filenames, entity ordering and conversion behavior, which meets the criteria for potential indirect prompt injection.
Issues (1)
- W011 (MEDIUM): Third-party content exposure detected (indirect prompt injection risk).