nature-experiment-log
Warn
Audited by Snyk on Jul 2, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.85). 路径 B:飞书群消息/图片/语音由
feishu-cli-integration在运行时拉取并转成可读文本(消息正文、转录文本、OCR/转写结果)后进入该 skill 的 LLM 上下文,属于“飞书群中非操作用户的自由文本/内容”。
Issues (1)
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
Audit Metadata