openclaw-tour-planner

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill's core workflow (SKILL.md and the listed src/apis/wikivoyage.ts) explicitly fetches and ingests public, user-generated Wikivoyage content (and other public APIs like Nominatim/Visual Crossing) and uses those guides to build itineraries and decisions, exposing the agent to untrusted third‑party content that can materially influence actions.