document-generate

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches and syncs remote repositories and services (e.g., git fetch/merge and "~/.claude/skills/gstack/bin/gstack-brain-sync" in the "Artifacts Sync" section, plus gh/glab PR views and optional open of external URLs), which ingests content from third-party GitHub/GitLab/URL sources that the agent then reads and uses to determine documentation and actions, so untrusted/user-generated content can influence tool use and decisions.