google-sheets

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill directly reads and displays cell content from arbitrary Google Sheets (see scripts/google-sheets.py: read_values / cmd_values_read and get_spreadsheet / cmd_spreadsheets_get), allowing ingestion of user-supplied/untrusted spreadsheet data that could contain malicious or instruction-like content.