openclaw-help

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly instructs the agent to WebFetch pages from the public docs site (e.g., https://docs.openclaw.ai) and to invoke a WebSearch fallback to organize answers from open web results, meaning the agent will read and act on untrusted third-party web content (web search pages) as part of its workflow, enabling indirect prompt injection.