title-variants

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill reads arbitrary Google Sheets via read_sheet_data(sheet_url) and directly injects the sheet's title/summary fields into the Claude prompt in generate_title_variants, so untrusted/user-generated sheet content can carry instructions that materially influence LLM/tool behavior.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). The skill reads a user-provided Google Sheets URL at runtime (e.g., https://docs.google.com/spreadsheets/d/<SPREADSHEET_ID>) and injects the retrieved title/summary rows directly into the Claude prompt, so external sheet content can directly control the model's instructions.