moai-workflow-project

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's JIT Document Loading and related workflow (SKILL.md "JIT Document Loading" → "WebFetch / WebSearch" and the tab_schema post_collection.web_search trigger) explicitly instruct the agent to perform web searches and fetch public online documentation/web pages and then summarize/use those results in proposals and workflows, exposing it to untrusted third‑party content that can influence subsequent actions.