google-chat-api

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). This skill includes runtime code that ingests and acts on user-generated Chat content — e.g., handling webhook events in scripts/handle_events.py (parsing event.message.text and action parameters) and examples that call chat.spaces().messages().list/get in the reference and scripts, so untrusted third‑party chat messages can influence responses and subsequent API actions.