model-hierarchy

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly instructs agents to fetch and parse arbitrary web URLs (see SKILL.md "URL fetching and basic parsing" and the OpenClaw example sessions_spawn "Fetch and parse these 50 URLs", plus the scenarios/test entry "Fetch the homepage of example.com"), so it ingests open/public untrusted content that can influence subsequent agent decisions and tool use.