Intelligence Ingestion

Warn

Audited by Snyk on Feb 27, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). The skill explicitly ingests arbitrary public URLs and user-generated content (e.g., "x.com, github.com, arxiv.org" in manifest and SKILL.md), uses read_url/xurl/browser fallbacks in the "Content Extraction Strategy" and "Step 1: READ", and then analyzes that content to drive decisions and auto-generate Skill drafts (Step 6: SYNTHESIZE and manifest outputs), so untrusted third‑party content can materially influence agent behavior.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

  • Potentially malicious external URL detected (high risk: 0.90). This Skill explicitly fetches and injects arbitrary user-supplied URLs at runtime (via read_url_content and X/GitHub/arXiv examples such as https://x.com/karpathy/status/123 and https://github.com/org/repo), so external content is directly used as model input/prompt and is a required dependency for the skill.

Audit Metadata

Risk Level: MEDIUM
Analyzed: Feb 27, 2026, 08:14 AM