document-release

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's GBrain Sync steps (e.g., git fetch origin && git merge --ff-only and running ~/.claude/skills/gstack/bin/gstack-brain-sync, plus reading ~/.gstack/projects/.../learnings.jsonl and other synced artifacts) explicitly fetch and ingest content from a user-configured remote Git repo and then read/use that data to influence suggestions and next actions, which exposes the agent to untrusted, user-generated third-party content.