Skills
skills/pietz/skills/gws/Snyk

gws

Warn

Audited by Snyk on Mar 20, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.80). The skill explicitly reads full Gmail message bodies (e.g., "gws gmail users messages get" with "format": "full" and the "+triage" helper) and uses that untrusted, user-generated email content to drive actions like replies, forwards, and calendar changes, so third-party content could indirectly inject instructions that affect agent behavior.

Issues (1)

W011
MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata
Risk Level
MEDIUM
Analyzed
Mar 20, 2026, 11:30 AM
Issues
1