setup-deploy

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly fetches and inspects external content as part of its required workflow — e.g., running curl against arbitrary production/health-check URLs, calling platform CLIs that query remote services (fly status, vercel ls), and the GBrain sync step that runs git fetch/merge from the remote origin — any of which can pull untrusted, public/user-provided content that will be read/interpreted to decide configuration and next actions.