hugging-face

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's SKILL.md shows it uses the Membrane CLI to connect to the public Hugging Face Hub and run actions like get-discussion, list-discussions, get-model, and list-repository-files, which fetch and have the agent read untrusted, user-generated content from public repositories and discussions that could influence subsequent actions.