modal-gpu-experiment

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill's workflow (references/training.md "Data Loading" section and the SKILL.md examples) explicitly shows a download_data Modal function that uses huggingface_hub (from huggingface_hub import hf_hub_download) to fetch public datasets into volumes, meaning the runtime ingests untrusted, user-generated third-party content that will be read/used by training jobs and checkpoints and thus could indirectly inject instructions or influence subsequent actions.