email

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill reads and lists email messages from an IMAP mailbox (configured via .config/email.json, e.g., imap.gmail.com), so it ingests arbitrary external/user-generated emails that could contain malicious or instructional content.