openclaw

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md explicitly describes linking external messaging channels ("channels login --verbose" — WhatsApp/Telegram) and listing conversation sessions/agent orchestration, which indicates the CLI ingests and acts on untrusted, user-generated messages from third-party platforms that could influence agent behavior.