lark-vc-agent

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly requires the agent to fetch and read shared documents referenced in meeting events (see "内容理解模式：共享文档不能只看标题" in references/lark-vc-agent-meeting-events.md, which mandates continuing to read share_doc.url content) — these are user-generated/untrusted meeting-shared documents that the agent must interpret and which can materially influence its summaries/actions.