composio-gmail

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches and reads user email content via the Composio Gmail API (see SKILL.md and references/actions.md "List Messages" and "Get Message"/"Reply to Message"), exposing the agent to untrusted, user-generated email content that could contain instructions influencing replies or other actions.