kb-abstract-fetch

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill (scripts/kb_abstract_fetch.py, extract_abstract_from_doi) opens arbitrary DOI redirect pages at https://doi.org/{doi} via the OpenClaw Browser and extracts page abstract text, then uses that extracted content to decide whether to write to the PostgreSQL rows—i.e., it ingests untrusted public web content that can influence database-updating actions.