moai-cc-mcp-plugins

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md shows the agent fetching and ingesting external content (e.g., context7.get_library_docs calls and integrations like @modelcontextprotocol/server-brave-search and the mcp-server-github plugin which pull Brave Search results and GitHub repo data) and then uses those third‑party sources to drive design/optimization decisions, so untrusted public content can materially influence agent actions.