gws

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill (SKILL.md) exposes the agent to user-generated, potentially untrusted content by running an MCP server that gives the agent direct access to Gmail, Drive, Docs, Sheets, Calendar and Chat (see "MCP Server Mode" and "OpenClaw Agent Usage" entries), allowing the agent to read and act on mailbox/messages and documents that could contain instructions that influence behavior.