openclaw

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill's setup and CLI explicitly instructs fetching and syncing code from a public GitHub URL (the bootstrap curl to raw.githubusercontent.com and the repo sync/VERSION checks in SKILL.md and the openclaw script that runs SCRIPTS_DIR/sync.sh and version-check.sh), causing the agent to ingest and execute upstream, public third-party content which can change behavior and tools used.