file-sync

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The copaw-sync script fetches agent config, SOUL.md, AGENTS.md and "skills" at runtime from a MinIO endpoint specified by HICLAW_FS_ENDPOINT (e.g., http://fs-local.hiclaw.io:18080) and then re-bridges/hot-reloads that content into CoPaw, meaning remote files from that URL can directly control agent configuration/instructions.