dingtalk-tb-ai-skill

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). This skill directly fetches and ingests user-generated content from the public Teambition API (e.g., scripts/call-user-api.py calling https://open.teambition.com and scripts like query-tasks.py, query-projects.py, get-custom-fields.py and the v3/task/{taskId}/activity/list endpoints), and those task details/comments/traces are parsed and used by the scripts to drive actions, so untrusted third‑party content could inject instructions.