openclaw-expert
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE EXTERNAL_DOWNLOADS PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION] (LOW): Vulnerability surface detected for indirect prompt injection through documentation ingestion.
  - Ingestion points: The web_fetch tool and scripts/fetch_openclaw_docs.py retrieve content from docs.openclaw.ai and github.com.
  - Boundary markers: Absent; the skill does not use delimiters or warnings to separate external data from agent instructions.
  - Capability inventory: The skill performs web searches and synthesis, providing formatted markdown responses.
  - Sanitization: Absent; fetched content is summarized and presented without explicit validation or filtering.
- [EXTERNAL_DOWNLOADS] (LOW): The script scripts/fetch_openclaw_docs.py uses the requests library to download documentation data from GitHub. While no remote code is executed, the dependency and network retrieval of data are noted.
Audit Metadata