gws

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly reads user-generated content from Google Workspace services (e.g., Gmail via "gws gmail +triage" and message get/reply commands, Drive/Docs/Sheets via "gws drive", "gws docs documents get", "gws sheets +read") and uses that content in workflows (e.g., "+email-to-task", replies, file-announce) which could allow untrusted third-party instructions to influence actions.