wecomcli-smartsheet

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly supports fetching smart-sheet documents by URL (e.g., smartsheet_get_records accepts a document URL like "https://doc.weixin.qq.com/smartsheet/xxx" as shown in references/smartsheet-get-records.md) and the required workflows instruct the agent to read those retrieved, potentially user-generated record contents and then use them to decide record_ids/updates/deletes, meaning untrusted third‑party content can directly influence subsequent tool actions.