gdocs

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill directly fetches and reads Google Docs content via the Google Docs/Drive APIs (see scripts/gdocs.ts: readDocument / docs.documents.get and listDocuments), which can be arbitrary user-generated, untrusted third‑party document content that the agent ingests and could influence subsequent edits/exports.