Global Knowledge Sync

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's core workflow explicitly reads and pulls files from a Global Knowledge Git repository (e.g., "read skills/skill-registry.json" and "pull on demand via /pullskill <id>" in SKILL.md) and synapses.json names an externalRepository (fabioc-aloha/Alex-Global-Knowledge), indicating it can ingest third-party user-generated repo content that could change agent behavior.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill explicitly pulls updates from an external GitHub repository (fabioc-aloha/Alex-Global-Knowledge — e.g. https://github.com/fabioc-aloha/Alex-Global-Knowledge) at runtime via the GK sync / pull-sync steps, and those fetched skill files (skills/* and registry) can directly change agent prompts/behavior, so this is a runtime dependency that can control the agent.