moai-workflow-github

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly fetches and ingests GitHub user-generated content (e.g., "gh issue list --json ...", "gh issue view {number} --json ...", "gh pr view {number} --json ..." and passes issue bodies, comments and PR diffs into agent prompts), which are untrusted third-party sources that the agent reads and uses to drive code changes, reviews, and merge decisions.