composio-outlook

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's SKILL.md shows calls to the Composio API (e.g., OUTLOOK_LIST_MESSAGES, OUTLOOK_GET_MESSAGE via https://backend.composio.dev) that fetch and read Outlook email messages — user-generated, untrusted third‑party content that the agent is expected to interpret and can materially influence actions like replying or sending mail.