outlook-cli

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md examples for "读取收件箱" and "读取日历" show the agent programmatically reading and parsing Outlook mailbox and calendar items (emails from external senders / user-generated content), which are untrusted third-party content the agent ingests and could influence its decisions.