doc-management

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill calls the Lark/Open Feishu API (e.g., read_doc_content -> GET /docx/v1/documents/{document_id}/raw_content on open.feishu.cn) to fetch raw user-generated document content and the SKILL.md explicitly requires automatically reading document content as part of the workflow, so untrusted third-party (user) content could be interpreted and influence subsequent actions.