moai-baas-supabase-ext
Warn
Audited by Snyk on Mar 1, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.80). The skill directly fetches external public documentation via Context7 (Context7Client.get_library_docs with context7_library_id='/supabase/docs' and '/postgresql/docs' in design_optimal_supabase_architecture). Those third-party docs are ingested and used to drive architecture and optimization decisions, which could enable indirect prompt injection.
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 0.80). The Edge Function imports remote modules at runtime from https://deno.land/std@0.168.0/http/server.ts and https://esm.sh/@supabase/supabase-js@2, which causes Deno to fetch and execute remote code that the skill relies on as a required dependency.