it’s important to be aware of future potential issues,

New code tends to have flaws. There’s no strong reason to expect that the current new implement has a serious flaw.

But if I was still using Gmail, I would turn the new feature off.

Anything that can be exploited in a software stack is a higher risk when exposed to the risk cesspool of modern email.

So in summary: chance that this new feature is an injection risk: low.

Risk of harm if there’s any security flaws in it: high.