moai-workflow-project

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's tab_schema.json (Tab 0 post_collection.web_search) explicitly enables automated web searches using query templates (e.g., "{project_type} best practices 2025") whose public search results are consumed to generate proposals and drive approval/next-action flows, so untrusted third-party content can influence agent decisions.