synap-assistant

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's Multi-Device Sync Setup and daily workflow explicitly instruct fetching a data directory from remotes (git clone / git remote add and synap pull/sync for git/Dropbox/iCloud) and then processing those entries via triage/grouping commands (e.g., synap list --status raw --json, grouping detection), so untrusted user-generated content pulled from third-party remotes would be read and used to drive agent decisions and follow-up actions.