Skills
skills/yjwong/lark-cli/messages/Snyk

messages

Warn

Audited by Snyk on Feb 23, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). This skill explicitly fetches and ingests user-generated chat content and message resources from Lark (see "Read chat history" / lark msg history and "Download resource files" / lark msg resource in SKILL.md), so untrusted third-party messages could influence agent actions like sending messages or reactions.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Feb 23, 2026, 12:05 AM