feishu-connection

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). The prompt instructs placing the App Secret into a file via an echo command and shows inline environment assignments (e.g., FEISHU_APP_ID=cli_xxx), which require copying or embedding secret values verbatim into shell commands/outputs, creating an exfiltration risk.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The bridge (bridge.py) connects to the Feishu cloud via a LarkWsClient/EventDispatcherHandler to receive user-generated Feishu chat messages over a WebSocket long-connection and forwards those messages to the Moltbot agent, so arbitrary third-party/user content from Feishu is ingested and interpreted by the agent.