feishu-doc

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill explicitly fetches and parses user-generated/untrusted content from Feishu document and wiki URLs (see cmd_read, cmd_list_blocks, cmd_wiki_tree, cmd_read_chat) and can import arbitrary public WeChat URLs (cmd_import_wechat), and SKILL.md workflows direct the agent to read/summarize and then perform edits/creates (update-block, create, append), so third-party content could materially influence subsequent tool actions.