openclaw-config

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The SKILL.md explicitly describes installing and loading third-party skills from ClawdHub/GitHub and lists Social/Web skills (e.g., bird, blogwatcher) that ingest public social/web content and "load[ ] into context when relevant," meaning the agent fetches and interprets untrusted user-generated web/social content that can change its behavior.