google

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly reads and polls user Gmail (gog gmail get, email polling) and fetches Drive/Docs/Sheets content (gog drive download, gog docs cat, gog sheets get), all of which are untrusted, user-generated third-party content that the agent would read and that could materially influence actions like replies, event creation, or file updates.