google-docs

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly instructs the agent to read and search Google Docs/Drive content — including docs.getText, docs.getComments, docs.getSuggestions, and drive.search/fullText — meaning it ingests user-generated/untrusted document content and comments that could contain instructions influencing subsequent edits or actions.