gws-forms

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's SKILL.md shows it calls Google Forms APIs such as forms.get and the responses resource, which ingest user-generated form content and responses from arbitrary third-party forms (public or user-submitted) that the agent would read and could influence subsequent actions.