moai-foundation-git

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly uses the GitHub CLI to fetch and read user-generated, public PRs/reviews/issues and workflow run logs (e.g., gh pr view --json reviews, gh pr list, gh run view) as part of its documented workflows in SKILL.md/examples.md/reference.md, so it ingests untrusted third‑party content (GitHub PRs/comments) that can materially influence subsequent actions.