feishu-bridge

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The bridge (bridge.mjs) directly receives user-generated Feishu messages via the Feishu WebSocket event handler (im.message.receive_v1) and forwards that untrusted third-party content to the Clawdbot agent, allowing external message text to influence agent behavior and subsequent actions.