moai-lang-swift

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill includes multiple code examples that fetch and render arbitrary external content (e.g., ImageCacheManager/CachedAsyncImage using URLSession.shared.data(from: url), fetchUser with "https://api.example.com/users/…", and Combine examples constructing URLRequests), which means it clearly ingests and displays untrusted third‑party content (external URLs/API responses) as part of its workflows.