openclaw-rss

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). Yes — SKILL.md (OpenClaw AI Summary Integration and the rss_notify/watch_feed scripts) explicitly fetches public RSS feeds via curl (e.g., https://www.appinn.com/feed/, hnrss.org, techcrunch.com) and pipes that untrusted third‑party content into OpenClaw for summarization/notifications, so external content is ingested and can materially influence agent behavior.