context-save

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's preamble and "GBrain Sync" workflow explicitly run git fetch/merge on the configured brain repo (cd "$_GSTACK_HOME" && git fetch origin && git merge ...) and invoke the gstack-brain-sync binary (--once / --discover-new), which pulls and indexes remote repository content (and also offers to open an external URL), so untrusted/user-generated third-party repo/web content can be ingested and then influence suggestions and next actions.