managing-google-sheets

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill explicitly reads and acts on Google Sheets content (e.g., "sheets-cli read table" and the note that "--spreadsheet accepts URLs" in SKILL.md) so arbitrary/public/user-generated spreadsheets can be ingested and influence the read→decide→dry-run→apply workflow, enabling indirect prompt injection.