gws-hebrew-email-automation
Warn
Audited by Snyk on May 15, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.80). The skill's workflow (Step 4 and Step 7) explicitly uses Discovery methods and helpers—e.g., gws gmail users.messages.list/get and gws gmail +watch—to read/stream user emails from Gmail (third-party/user-generated content) and then apply labels, draft/send messages, or trigger actions, so those external message bodies could materially influence agent decisions and tool use.
Issues (1)
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
Audit Metadata