openlark-api

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's workflow and scripts (SKILL.md step §5 and references/.claude/skills/openlark-api/scripts/fetch_docpath.py) explicitly fetch and parse public docPath URLs from the web (e.g., open.feishu.cn) and use the extracted request/response code and text to drive API implementation decisions, so untrusted third-party content can materially influence the agent's actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The script .claude/skills/openlark-api/scripts/fetch_docpath.py performs runtime HTTP fetches of arbitrary docPath URLs (e.g., https://open.feishu.cn/document/server-docs/im-v1/message/create) and extracts code/text that is intended to be injected into the skill context, so fetched external content can directly influence prompts/instructions.