doc-coauthoring

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly ingests and interprets user-shared third-party content via connectors—e.g., "If they provide shared document links, use the corresponding integration to get it" and "If integration available (Slack, Teams, Google Drive, SharePoint ...), content will be read"—which means it will read untrusted/user-generated documents and channels as part of its workflow.