feishu-calendar

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill directly fetches user-generated calendar data from Feishu via its API (e.g., lib/CalendarManager.js, sync.js writes event summaries into HEARTBEAT.md, cleanup.js deletes events based on summary, and create.js/auto-discovery use calendar summaries), and those untrusted event/calendar contents are parsed and used to make decisions and perform actions, so malicious calendar entries could indirectly inject instructions that change behavior.