google-slides

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md explicitly tells the agent to locate and extract content from Google Slides presentations (using drive.search, slides.getText, slides.getImages and by accepting arbitrary Google Drive URLs), meaning it will ingest user-generated third-party slide content that could contain instructions influencing its actions.