financial-data

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill explicitly ingests user-generated third‑party content — notably Gmail transaction confirmation emails and Google Drive CSV/Excel files (see "Gmail 导入" and "Google Drive 导入" in SKILL.md) — and parses/uses that data to drive imports and database syncs (e.g., upsert/sync flows), so untrusted content can materially influence actions.