google-workspace

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill uses browser automation to navigate and operate on Google Workspace services (Google Docs/Sheets/Gmail/Drive), which load user-generated and third-party content from the user's account that the agent may read or interpret as part of its workflow, creating a risk of indirect prompt injection.