update-nanoclaw

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). This skill fetches and reads an upstream Git repo (defaults to https://github.com/qwibitai/nanoclaw.git) — including git logs, diffs, and CHANGELOG.md — and explicitly parses [BREAKING] lines to determine and invoke other skills, so untrusted upstream content can directly influence actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill adds and fetches an upstream Git repo at runtime (default: https://github.com/qwibitai/nanoclaw.git) and then parses fetched files (e.g., CHANGELOG.md “[BREAKING]” entries) to determine and invoke migration skills, so remote repository content can directly control which skills/actions the agent runs.