google-docs-manager

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill programmatically reads and modifies arbitrary Google Docs (see SKILL.md and scripts/docs.py — e.g., cmd_find/cmd_get_text and the "Find → read → edit" workflow), which ingests user-generated third-party document content via the Drive/Docs APIs that can influence subsequent edits and actions.