feishu-messages

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt's examples and parameter list instruct passing the App Secret (--secret / <app_secret>) on the command line or embedding it in commands, which requires handling/outputting the secret verbatim and is an insecure pattern.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill directly fetches and parses user-generated chat messages from the Feishu Open API (open.feishu.cn, see getChatHistoryMessages in scripts/get_feishu_messages.js and the SKILL.md use-case "分析飞书群聊内容"), so untrusted third-party content is ingested and intended to be read/interpreted as part of the workflow and could therefore influence downstream decisions.