clawdhub

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The SKILL.md explicitly directs the agent to fetch and install/update skills from the public registry (default https://clawdhub.com) using commands like "clawdhub install" and "clawdhub update", which pulls untrusted third-party skill code/content that can materially change agent behavior.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The ClawdHub CLI explicitly fetches skills at runtime from the default registry (https://clawdhub.com), and those remote skill packages are code/instruction bundles that can control agent prompts or execute code, so this is a required runtime dependency that poses risk.