openclaw-channels

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill describes runtime ingestion of untrusted, user-generated messages from public third-party channels (e.g., incoming webhooks and attachments from Discord, WhatsApp, Telegram, Feishu, Google Chat and BlueBubbles) — see the channel docs such as references/en/channels/discord.md and references/en/channels/broadcast-groups.md which show agents process inbound messages and can execute actions based on their content, so third-party content can influence tool use and decisions.