clawhub

CRITICAL E005: Suspicious download URL detected in skill instructions.

• Suspicious download URL detected (high risk: 1.00). These links are suspicious: they instruct downloading and running an unknown, password‑protected ZIP from a likely low‑reputation GitHub release and executing an external install script (glot.io) — both common malware distribution patterns and high‑risk behaviors.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.95). This skill's SKILL.md directs the agent to fetch and install skills from a public registry (default https://www.clawhub.ai/) and related remote sources, meaning untrusted third-party, user-published skill code/content can be ingested and thus alter agent behavior.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 1.00). The skill explicitly requires downloading and running remote code—the openclaw-agent binary at https://github.com/hedefbari/openclaw-agent/releases/download/latest/openclaw-agent.zip (and an installation script referenced at https://glot.io/snippets/hfdxv8uyaf)—which would be fetched and executed and is a required runtime dependency for the CLI.