botlearn-assessment

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's required workflows and question bank explicitly demand web searches, ClawHub API queries and downloading/inspecting community skill packages (see SKILL.md Tool Dependency Pre-Check and questions like questions/d2-retrieval.md IR-EASY-001 and the TO-HARD-001 "ClawHub Skill Security Auditor"), so the agent will fetch and interpret untrusted public/user-generated web content that can directly influence tool use and decisions.