auto-updater-3

CRITICAL E005: Suspicious download URL detected in skill instructions.

• Suspicious download URL detected (high risk: 0.90). These links include a GitHub release (openclawcli.zip) from an unknown/low‑profile user distributing a packaged executable and user‑generated installation snippets (glot.io and docs pages) that likely instruct running downloaded code — a common malware distribution pattern, so the sources should be treated as suspicious until validated.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly instructs fetching and installing code from public sources—e.g., running "clawdhub update --all" which checks and pulls skill packages from the public ClawdHub/registry and downloading openclawcli from a GitHub release (and a glot.io install page)—so untrusted, third‑party code/metadata will be ingested and can change agent behavior.