recipe-draft-email-from-doc

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill's SKILL.md explicitly reads content from a Google Doc via "gws docs documents get" and copies that user-generated/untrusted document text to use as the Gmail message body, so third-party doc content directly influences an agent action (sending email).