feishu-wiki

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill's scripts (e.g., scripts/read_bitable.py and scripts/list_wiki.py) accept Feishu wiki/bitable URLs and call the Feishu open-apis to fetch wiki nodes and table records (user-generated content) which the agent is expected to read and which can influence which tables/records are accessed and subsequent save/add actions, exposing it to untrusted third-party content.