auto-updater

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly downloads skill packages, metadata, and changelogs from ClawdHub and may pull from public GitHub (external, user-contributed sources), so the agent ingests and interprets untrusted third-party content as part of update/install workflows.