plan-tune

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill's Artifacts Sync and preamble explicitly fetch and ingest remote content (git fetch/merge of the ~/.gstack repo and calls to gstack-brain-sync, plus optional open of a public URL from ~/.gstack-artifacts-remote.txt and gbrain remote-http config), which causes the agent to read third‑party repository/web content that can influence decisions and tool use.