roboflow-data-management

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly ingests and operates on user-generated and public datasets (e.g., "Universe fork" under Uploading Data in SKILL.md) and includes runtime workflows that surface user-provided textual labeling instructions and per-batch content (see "Add labeling instructions" in labeling.md's Jobs & Assignment), so the agent is expected to read and act on untrusted third-party content that could influence actions.