my-brain-is-full-crew

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's Postman agent explicitly requires connecting to Gmail/Google Calendar and uses Claude Code's browser/OAuth access to "check my emails" and "summarize unread emails" (see the "Email & Calendar (Postman)" and "Gmail / Calendar integration issues" sections of SKILL.md), meaning the agent will fetch and interpret untrusted, user-generated third-party email content that can drive actions like extracting deadlines or creating tasks.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The installation and update steps instruct users to git clone and run the installer from https://github.com/gnekt/My-Brain-Is-Full-Crew.git, which fetches remote agent/skill files and an installer script that are executed or loaded as the agents' prompts/configuration, so the external repo can directly control agent instructions and execute code.