feishu-doc-reader

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's SKILL.md shows it fetches and parses arbitrary Feishu documents via the provided scripts and API calls (e.g., ./scripts/read_doc.sh and ./scripts/get_blocks.sh / Feishu Open API at open.feishu.cn), meaning untrusted/user-generated document content is ingested and interpreted as part of the workflow.