skill-auditor

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The auditor explicitly requests a skill URL/file/paste and its workflow requires reading and interpreting SKILL.md and other files from third-party sources (e.g., ClawHub, GitHub) which are untrusted user-controlled content that can contain instructions influencing the agent's decisions.