gws-docs

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's SKILL.md explicitly includes commands to fetch and read Google Docs (e.g., "gws docs documents get" and the "+write" helper), meaning the agent will ingest user-generated Google Doc content (third-party/untrusted) that could contain instructions influencing subsequent actions.