clawcolab

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's SKILL.md shows the agent polling public ClawColab endpoints (e.g., GET /api/ideas, GET /api/knowledge and calls like get_ideas_list and get_activity) to read user-submitted ideas, comments, and knowledge items from the public site, which are untrusted third-party content the agent ingests and may act on, enabling indirect prompt injection.