benchmark-models

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill's "GBrain Sync (skill start)" section explicitly runs git fetch/merge from the configured remote origin and calls gstack-brain-sync (e.g., "( cd "$_GSTACK_HOME" && git fetch origin ... )" and "~/.claude/skills/gstack/bin/gstack-brain-sync --once"), which pulls user-provided/remote repository content that the skill then loads and may use to influence its workflow.