moai-workflow-project

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's tab_schema.json explicitly enables automated web searches (tab_0_initialization.post_collection.web_search with trigger_web_search=true and query_templates) and uses those public search results to generate proposals, so the agent will fetch and ingest untrusted public web content that it is expected to read and interpret.