feishu-cli-attendance
Warn
Audited by Snyk on Jun 13, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.85). 该 skill 运行时通过
feishu-cli attendance调用飞书开放平台的考勤 OpenAPI(如POST /open-apis/attendance/v1/user_tasks/query、.../user_stats_datas/query),LLM 会读取并把飞书返回的“姓名/结果/统计字段”等响应文本放入上下文;这些响应内容属于飞书/第三方系统的外部数据(OUTSIDER)。
Issues (1)
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
Audit Metadata