moai-foundation-core

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly includes Tier-4 MCP integrators (e.g., mcp-context7, mcp-notion, mcp-playwright) and shows runtime Task/Agent calls that fetch and resume work with external documentation, Notion pages, and browser-automated web content (see modules/agents-reference.md and examples using Task(subagent_type="mcp-context7" / mcp-playwright)), meaning untrusted third-party content would be ingested and can drive subsequent agent decisions and delegations.