plan-tune

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's preamble includes a GBrain Sync flow that runs git fetch/merge from the project's origin and invokes ~/.claude/skills/gstack/bin/gstack-brain-sync (pulling remote repository content, e.g., a GitHub repo) and also can optionally "open" a public URL (https://garryslist.org/...), so it clearly ingests third-party web/repo content as part of its runtime workflow which could influence subsequent actions.