outlook-emails-lawvable

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's script (scripts/outlook_oauth.py) and SKILL.md/WORKFLOWS.md explicitly fetch emails and attachments from Microsoft Graph/Outlook (user mailbox) — untrusted, user-generated third‑party content — and instruct the agent to parse and act on that content (e.g., run NDA review, classify contracts), so those external contents can materially influence tool use and next actions.