google-drive

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill directly reads user-generated Google Drive content (e.g., "List Files", "Get File", "List Comments" and the "membrane request" proxy described in SKILL.md), so it ingests untrusted third-party content from users' drives that could contain instructions influencing agent behavior.