auto-updater

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's agent workflow explicitly runs "clawdhub update --all" and captures SKILL_OUTPUT for the agent to parse (references/agent-guide.md Step 2), which will contain data fetched from third-party skill registries/repositories and thus exposes untrusted, user-generated content that the agent reads and interprets.