moai-workflow-testing

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill's PR Code Review workflow (see SKILL.md and modules describing the PR Code Review Process and review_workflows.md) explicitly gathers and analyzes pull request contents and CLAUDE.md files from GitHub and posts results via the gh CLI, which means it ingests untrusted, user-generated third-party content (PRs) and uses that content to drive decisions and actions.