google-workspace

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly shows the agent reading and acting on user-generated content from Google Workspace (e.g., Gmail messages, Google Docs, Drive files, and Sheets via the Gmail/Docs/Drive/Sheets API examples), so untrusted third-party content could be ingested and influence subsequent actions.