file-sync-management

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly pulls and reads Worker-uploaded files from MinIO (e.g., ${HICLAW_STORAGE_PREFIX} into /root/hiclaw-fs/, including /root/hiclaw-fs/shared/tasks/{task-id}/result.md in references/sync-guide.md), so untrusted/user-generated content is ingested at runtime and can influence subsequent actions.