sync-gbrain

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill reads and pulls remote repositories and URLs as part of its artifact/brain sync (e.g., reading ~/.gstack-artifacts-remote.txt, running git fetch/merge in $GSTACK_HOME and calling gstack-brain-sync and gbrain search/put in the "Artifacts Sync" and orchestrator steps), and the fetched/indexed third‑party content is then used to drive capability checks and CLAUDE.md updates and to influence subsequent tool use (reindexing, prompts, guidance), so untrusted external content can materially affect agent behavior.