feishu-doc-optimizer

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). The prompt instructs passing a document token as a command-line argument (python3 scripts/feishu_doc_reader.py <doc_token>) and to extract the token from the URL, which encourages including sensitive tokens verbatim in commands/outputs and thus is high-risk secret handling.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). This skill explicitly reads arbitrary Feishu document content via the Feishu API (see scripts/feishu_doc_reader.py calling https://open.feishu.cn/open-apis/docx/v1/documents/{doc_token}/raw_content) and opens document pages with Playwright (scripts/feishu_doc_editor.py -> https://opencaio.feishu.cn/docx/{doc_token}), and that user-generated/untrusted document content is parsed and used to drive editing decisions, so it could enable indirect prompt injection.