moai-platform-deployment

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's reference code (e.g., reference/convex.md under "Actions (External API Calls)" and "Action with Mutation") explicitly fetches public APIs like https://api.weather.com/ and https://api.example.com and uses the returned JSON to run internal mutations, and the "Context7 Integration" snippets call mcp__context7__get_library_docs to retrieve external documentation—showing the agent is expected to ingest untrusted third-party content that can influence subsequent actions.