lark-messages

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches and displays user-generated group chat messages from Lark (via mcp__lark__im_v1_message_list) as shown in the SKILL.md "Message Access" section and "Find and Read Group Messages" workflow, so untrusted third-party content (group messages) is read and can influence subsequent actions.