build-ml-pipeline

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). SKILL.md and references/source-binding.md explicitly describe binding and loading external sources (e.g., "https://example.com/file.csv" with "HTTP fetch + parse", S3, HuggingFace IDs) and even instruct the agent to "WebFetch the docs" for skrub — meaning the agent will fetch and interpret untrusted third‑party content that can materially influence pipeline construction decisions.