gws-drive

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md explicitly exposes runtime fetching and reading of user-generated Drive content (e.g., files.get/files.download with alt=media, files.export, comments.list/replies.list), meaning the agent will ingest third-party Drive files/comments that could contain instructions influencing subsequent actions.