ship

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly uses WebSearch in Step 4 ("B2. Research best practices") to fetch guidance from the open web and also reads/links to remote artifact/brain URLs (e.g., $HOME/.gstack-artifacts-remote.txt and gbrain remote-http / GitHub/GitLab remotes) whose untrusted public content is read and used to choose frameworks and drive subsequent decisions.