sheetsu

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly integrates with Sheetsu (which turns Google Sheets into JSON APIs) and instructs using Membrane actions (see "Connecting to Sheetsu" and "Running actions" / membrane action run ... where the action output is consumed), so the agent will fetch and interpret external, user-provided spreadsheet data that could contain untrusted instructions.