google-sheets

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). This skill ingests arbitrary user/third‑party Google Sheets content via the Drive/Sheets APIs (e.g., read_range() calls service.spreadsheets().values().get using a provided spreadsheet_id and list_spreadsheets() returns external sheet links), so it reads untrusted, user-generated content as part of its workflow.