inbox-assistant

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's Job Alert & Opportunity Research and Deep Mode workflows explicitly instruct the agent to "fetch company website using WebFetch" and to "research external links/companies" (SKILL.md, Job Alert & Opportunity Research / Deep Mode sections), meaning the agent will retrieve and interpret content from arbitrary public websites linked from emails and use that content to influence decisions.