gws-drive

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md explicitly includes methods that retrieve and download user-generated Drive content and metadata (e.g., files.get / files.download / files.export and comments.list in the "files" and "comments" sections), so the agent would ingest potentially untrusted third-party content from Google Drive that could contain instructions influencing subsequent actions.