wecomcli-doc

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's SKILL.md and API docs (e.g., get_doc_content and smartsheet_get_records) explicitly allow passing external doc URLs (e.g., https://doc.weixin.qq.com/...) and return user-authored Markdown and table records which the agent is expected to read and use to decide edits/record operations, exposing it to untrusted third-party content that could inject instructions.