hackathon-judging

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.95). The workflow explicitly downloads and ingests Kaggle hackathon writeup bodies and attached project/video contents via the Kaggle MCP endpoints (download_hackathon_write_ups, get_hackathon_write_up, plus resolving notebook/dataset/model URLs and non-Kaggle links), which are outsider-authored submission text that becomes LLM-readable context at runtime.