moai-foundation-quality

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches and analyzes external, potentially untrusted content — e.g., the Quality-as-Service API clones arbitrary repository URLs via clone_repository(request.repository_url) in modules/integration-patterns.md and the BestPracticesEngine calls Context7Client.get_library_docs/resolve_library_id to pull real-time documentation (modules/best-practices.md and references) which the agent uses to validate code and drive automated actions (quality gates, recommendations, auto-fixes), so third-party content can materially influence decisions and tool use.