add-feishu

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). This skill explicitly asks the user to provide the Feishu App ID and App Secret and instructs adding them into .env (and waiting for those values), which means the agent will receive sensitive secrets and is likely to handle or echo them verbatim (exfiltration risk).

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill directly ingests untrusted, user-generated messages from Feishu via a WebSocket event handler (see src/channels/feishu.ts registering 'im.message.receive_v1' and handleMessage, and SKILL.md Phase 4/5), passes that content into onMessage/onChatMetadata and interprets commands/mentions to drive behavior, so third-party messages could contain instructions that influence agent actions.