composio-drive

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's SKILL.md and references/actions.md explicitly instruct using Composio endpoints (e.g., backend.composio.dev API actions like GOOGLEDRIVE_DOWNLOAD_FILE and GOOGLEDRIVE_SEARCH_FILES) to list, search, and download files from a user's Google Drive, meaning the agent will ingest arbitrary user-generated/third-party Drive content that could contain instructions.