feishu-openapi-skill

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly reads and ingests user-generated IM content from the public Feishu/Lark APIs (e.g., get:/im/v1/messages and the long-connection inbound path via uxc subscribe to https://open.feishu.cn/open-apis described in SKILL.md), and those messages are part of the agent workflow and can drive sends/replies—allowing untrusted third-party text to influence actions.