feishu-cal

Warn

Audited by Snyk on Apr 18, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.70). The skill calls the Feishu APIs to fetch calendar events, attendees, and chat members (see scripts/cal_ctl.py: cmd_event_list, cmd_contact_sync, cmd_chat_members and the _create_event/attendees flows), and it auto-learns and acts on attendee/display_name and event data from those user-generated Feishu responses, so untrusted third-party content can influence contact resolution and subsequent tool actions.

Audit Metadata

Risk Level: MEDIUM
Analyzed: Apr 18, 2026, 06:31 AM
Issues: 1