document-hub

Warn

Audited by Snyk on Mar 8, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.80). The skill's DocumentHub.from_feishu implementation (document_hub.py) explicitly fetches Feishu document URLs and converts them with url_to_md/doc_to_md (including a "browser" url_to_md for wiki pages). This ingests user-generated third-party content that the agent reads and uses to produce/convert/upload files, which exposes the agent to indirect prompt injection from untrusted docs.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Mar 8, 2026, 02:24 AM