feishu-memory-recall

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill directly fetches and ingests user-generated messages from the public Feishu API (see index.js fetchMessages calling https://open.feishu.cn/open-apis/im/v1/messages and the SKILL.md "search/recall/digest" steps), and then the agent reads and uses that content to drive searches, recalls, and digests—so untrusted third-party content can influence agent outputs and behavior.