gdrive-sheets-compute

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's CLI and SKILL.md explicitly download PDFs from Google Drive (see scripts/gdrive_sheets.py: _download_and_extract_pdf, drive extract-pdf/extract-pdfs and pipeline pdf-to-table/folder-summary) and then output raw extracted text with the instruction "Claude can then parse extracted text, compute values, then ... write" — meaning the agent ingests arbitrary user/third-party Drive content and uses it to decide writes to Sheets, exposing it to untrusted user-generated content that can influence actions.