gmail-access

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly reads and processes user emails and inline images via the Gmail CLI (see "Gmail Commands", "Inline Image Extraction", and preflight Step 2.5 in SKILL.md), meaning it ingests untrusted, user-generated third‑party content from Gmail and uses that content to auto-detect senders, transcribe annotations, and drive draft/response behavior.