outlook

CRITICAL E005: Suspicious download URL detected in skill instructions.

• Suspicious download URL detected (high risk: 1.00). Suspicious — these links are hosted on an unrecognized third‑party domain and point to downloadable shell scripts (including an explicit curl | bash install), a high‑risk pattern because it executes unreviewed remote code and can be used to distribute malware or harvest credentials.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill automates a Playwright session that navigates to outlook.live.com / outlook.office.com and programmatically reads and summarizes inbox messages and message bodies (see "Authentication Flow" and Usage Examples), which ingests untrusted, user-generated email content that could carry indirect prompt injections.