google-docs

CRITICAL E005: Suspicious download URL detected in skill instructions.

• Suspicious download URL detected (high risk: 0.80). The links themselves point to common hosting (Google Cloud Storage, Google Drive, example.com) and specifically appear to be images, but public GCS buckets and Google Drive links from unknown/untrusted sources are frequently abused to distribute malware (and personal file-hosting links are a high-risk vector), so treat these as moderately–highly suspicious unless you can verify the uploader and file contents.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). This skill explicitly reads and acts on user-generated Google Docs (see SKILL.md "Read Document" / scripts/docs_manager.rb read & structure calls) and can ingest external content (e.g., insert_image from arbitrary public image URLs), so untrusted third‑party document/content could be read and then influence subsequent edits or tool actions.