moai-project-language-initializer

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill's SKILL.md and MCP Server Configuration sections explicitly call validate_figma_token() ("Try to access Figma files via MCP") and check_mcp_status() (check_figma_mcp(), check_context7_mcp(), etc.), indicating the agent will connect to third-party MCP servers (e.g., Figma) and ingest user-generated/third-party content which could influence connectivity checks and subsequent actions.