ai-ml-skills

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill collection repeatedly instructs the agent to fetch and ingest open/public third‑party content (e.g., arXiv searches in autonomous-agents-papers-guide/SKILL.md and ai-agent-papers-guide/SKILL.md, and unauthenticated Hugging Face Hub reads and Inference API calls in huggingface-api/SKILL.md and huggingface-inference-guide/SKILL.md), which are untrusted/user-contributed sources and are shown as inputs the agent is expected to read and use to drive model selection, classification, and other downstream actions—creating a clear vector for indirect prompt injection.