lark-drive

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). The skill instructs extracting document/wiki tokens and embedding them directly into CLI/API calls (e.g., --params '{"token":"wiki_token"}'), which requires the model to handle and potentially output sensitive token values verbatim.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly accepts and resolves arbitrary Feishu document and wiki URLs and calls locate-doc/docs +fetch and drive file.comments list (see SKILL.md and references/lark-drive-add-comment.md / lark-drive-download.md), meaning it fetches and interprets user-generated document and comment content as part of its workflow which can materially influence actions like where/how to add comments or replies.