hugging-face

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md instructs the agent to call the public Hugging Face Hub APIs (e.g., https://huggingface.co/api/models, /datasets, and repository tree endpoints) to fetch model/dataset metadata and repository files, which are user-contributed/untrusted content the agent is expected to read and that can affect which model or action it chooses.