moai-session-info

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill explicitly fetches version info and release notes from public package registries and GitHub releases (see "Version Information" and "Information Sources" listing "Package registries
• Latest available versions" and "GitHub releases
• Release notes and changelogs"), and it surfaces that external content in its status output (including upgrade commands), so untrusted third‑party content could influence decisions or next actions.