moai-essentials-debug

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The SKILL.md explicitly instructs runtime fetching and use of external Context7 library docs (e.g., calls to context7.get_library_docs with IDs like "/microsoft/debugpy" and "/plasma-umass/scalene" and mentions "Community Knowledge Integration" and "Live Documentation Fetching"), which the agent reads and uses to generate recommendations and automated fixes, exposing it to untrusted third-party content that can influence actions.