Skills
skills/olafgeibig/skills/lossless-claw-skill/Snyk

lossless-claw-skill

Warn

Audited by Snyk on Mar 11, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). The skill explicitly ingests arbitrary user conversation messages and stored files from OpenClaw sessions and exposes them to agents/sub-agents (see reference/architecture.md about persisted messages and XML-wrapped context, and reference/agent-tools.md / SKILL.md describing lcm_grep, lcm_describe returning full file content, and lcm_expand_query which spawns sub-agents that read source messages), so untrusted user-generated content can directly influence agent behavior.

Issues (1)

W011
MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata
Risk Level
MEDIUM
Analyzed
Mar 11, 2026, 07:40 PM
Issues
1