moai-essentials-refactor

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's SKILL.md shows runtime calls to Context7Client.get_library_docs (e.g., context7_library_id="/refactoring-guru" and other Context7 library IDs) to fetch external Context7/Refactoring.Guru documentation which the agent ingests and uses to match/prioritize refactoring opportunities and drive automated refactoring decisions, exposing it to untrusted third‑party web content that could influence actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill calls Context7Client.get_library_docs at runtime to fetch external library docs (e.g., context7_library_id="/python-rope/rope" and "/refactoring-guru"), and those fetched patterns are directly used to drive refactoring logic and AI prompts, so these external resources control agent behavior.