okr-native
Warn
Audited by Snyk on Mar 1, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.70). The skill's run.py clearly calls the Feishu/Lark API (see _lark_api, which uses https://open.feishu.cn/open-apis, and the list_user_okrs/list_periods/batch_get_okrs handlers) to fetch user-generated OKR data, and SKILL.md requires the agent to read that content and automatically extract okr_ids to drive further actions (chained calls), so untrusted third-party content can materially influence subsequent tool use.
Audit Metadata