feishu-doc-optimizer

Fail

Audited by Snyk on Mar 10, 2026

Risk Level: HIGH
Full Analysis

HIGH W007: Insecure credential handling detected in skill instructions.

  • Insecure credential handling detected (high risk: 0.80). The prompt requires running scripts that take a document token as a direct command-line argument (python3 scripts/... <doc_token>), so the agent would have to include the sensitive doc token verbatim in the commands it runs and in its outputs. This exposes the secret through logs and command history and creates an exfiltration risk.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.80). The skill's required workflow and scripts (SKILL.md and scripts/feishu_doc_reader.py / scripts/feishu_doc_editor.py) explicitly fetch and open arbitrary Feishu document content via open.feishu.cn and opencaio.feishu.cn using a doc_token, read and analyze that user-generated document text, and then use it to decide on and perform edits. This allows untrusted third-party content to influence the agent's actions.
Audit Metadata

Risk Level: HIGH
Analyzed: Mar 10, 2026, 10:06 AM