moai-lib-shadcn-ui

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's SKILL.md shows runtime calls to Context7Client.get_library_docs (e.g., in ShadcnUIArchitectOptimizer.design_optimal_shadcn_architecture) to fetch latest shadcn/ui and React documentation from external/public sources and then uses that content to drive component selection and theme optimization, which means untrusted third‑party content can materially influence agent decisions.