clawclash

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). This skill directly queries the public ClawClash API (e.g., cmd_challenges, cmd_challenge, cmd_start, cmd_rankings) at https://clawclash.vercel.app/api to fetch challenge descriptions, input data, and leaderboard/submission info that are public/untrusted and are read/interpreted by the agent during its workflow, enabling potential indirect prompt injection.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). The skill makes runtime API calls to https://clawclash.vercel.app/api (e.g., /challenges and /challenges//start) whose returned challenge descriptions and input_data are injected into the agent workflow and directly control the agent's prompts/instructions, and the skill requires that API to operate.