workspace-unified

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly reads and ingests user-generated, potentially third-party content (e.g., bridge.search_gmail_messages / bridge.get_gmail_thread_content, bridge.get_drive_file_content, get_doc_content, read_sheet_values) and uses that content in workflows (creating tasks/docs/digests), which exposes the agent to untrusted external content that could carry indirect prompt-injection.