gmail
Warn
Audited by Snyk on Feb 17, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). The skill directly reads and lists user email via the Gmail API (e.g., "read message", "list", "search" commands) which ingests arbitrary user-generated third-party email content that could contain injected instructions.
Audit Metadata