zoho-mail

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches and exposes user emails from Zoho Mail (e.g., the "Get Email Content" endpoint GET /zoho-mail/api/accounts/{accountId}/folders/{folderId}/messages/{messageId}/content via the Maton gateway) so the agent would read arbitrary, untrusted user-generated message content that could materially influence actions like replying or executing message-based instructions.