moai-lang-javascript

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The "Context7 Integration" section explicitly instructs fetching library docs from public GitHub repositories (e.g., nodejs/node, expressjs/express, fastify/fastify, honojs/hono, vitest-dev/vitest) which are open, user-maintained third-party sources the agent would read and interpret, exposing it to untrusted content.