email

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.75). The required workflow includes “Read inbox” via autark mail thread <thread_id> / autark mail message <message_id> which ingests inbound email body text authored by external correspondents into the agent’s runtime context, creating an indirect prompt-injection path from outsider free text.