clawdnet

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill explicitly discovers and fetches public, user-provided agent data and outputs — e.g., GET /api/agents, GET /api/agents/{handle} (including registration.json) and GET /api/agents/{handle}/reviews, and it can invoke other agents via POST /api/agents/{handle}/invoke — which are untrusted third‑party sources the agent is expected to read and act on, enabling indirect prompt injection.