feishu-browser

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's workflow (e.g., references/monitor-chat.md and send-message.md) explicitly navigates to tenant Feishu pages (https://YOUR_TENANT.feishu.cn/…), uses browser snapshot/screenshot to extract group chat messages (user-generated content), and parses/acts on those messages to decide whether and how to reply, so untrusted third‑party content can influence agent actions.