bambu-filament-tracker

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The tracker explicitly uses the gws/Gmail API (see scripts/tracker.dart and SKILL.md) to fetch and parse Gmail messages and email bodies from external senders, ingesting untrusted third-party email content which directly influences parsing, classification, and spending totals.