openclaw-cost-optimization

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly references web browsing/crawling and includes SOUL.md workflow rules for "web searches" (e.g., "10 seconds minimum between web searches", "Max 5 searches per batch") and routes "Web browsing / crawling" to specific models, which indicates the agent will fetch and interpret public web/search results (untrusted third-party content) as part of its workflow and that content can influence subsequent tool use and decisions.