wecomcli-manage-smartsheet-data

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly accepts a document URL (e.g., "https://doc.weixin.qq.com/smartsheet/xxx") and the smartsheet_get_records API (SKILL.md and references/api-get-records.md) reads the smart sheet's user-created records as part of its workflow, so the agent ingests third-party/user-generated document content that could contain instructions influencing subsequent actions.