google-calendar

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill's CLI (scripts/gcal_api.py) exposes a "call" command whose request() function explicitly accepts full http/https URLs and will fetch and return arbitrary external HTTP responses, so the agent can ingest untrusted public/user-supplied web content outside Google APIs.