gmail-to-crm-pipeline

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly reads and parses inbound Gmail messages via the Gmail MCP Connector (see "Phase 1: Gmail Connection and Email Retrieval" / "Step 2: Read and Parse Each Email" and Execution Flow), ingesting untrusted, user-generated email content that directly drives scoring, draft creation, CRM logging, and next actions—allowing external email content to materially influence agent behavior.