google-integration

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill ingests and displays arbitrary user/third‑party content from Google services (e.g., gmail/scripts/gmail_operations.py reads emails via read_email/list_emails, google-docs/scripts/docs_operations.py reads documents, google-drive download, google-sheets read), so the agent will parse untrusted user-generated content from external senders as part of its workflow, enabling indirect prompt injection.