feishu-bridge

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's architecture and setup explicitly show it receives and forwards Feishu cloud WebSocket messages (im.message.receive_v1, "Feishu user → Feishu cloud ←WS→ bridge.mjs ←WS→ ThinkFleet Gateway") — i.e., untrusted, user-generated chat content is ingested and used to drive agent responses, which could enable indirect prompt injection.