setup-gbrain

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly ingests and acts on untrusted third‑party content: it asks the user to paste Supabase "Session Pooler" URLs and PATs and calls Supabase APIs (Step 4 Path 1/2a and the /cleanup-orphans flow which curl's https://api.supabase.com/v1/projects), then parses that JSON and uses it to run gbrain init/migrate and even DELETE operations—data that can materially steer tool use and actions.