moai-cc-skill-factory

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly performs automated web research and ingests public web content (see SKILL.md generation_workflows "ai_research_phase" with "automated_web_research": true, INTERACTIVE-DISCOVERY.md → WebSearch query flow, EXAMPLES.md reference URLs like https://docs.pytest.org, and SKILL-UPDATE-ADVISOR.md which calls websearch/webfetch) and uses those findings to drive skill design and update decisions, exposing the agent to untrusted third‑party pages that can influence actions.