ray-data

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The SKILL.md examples explicitly show reading datasets from external cloud storage URIs (e.g., read_parquet("s3://bucket/..."), read_json("gs://bucket/..."), read_parquet("s3://huge-dataset/")) and then processing them via map_batches/iter_batches and feeding them into training/inference pipelines, so untrusted third‑party data could be ingested and materially influence processing or downstream actions.