model-hierarchy

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly instructs agents to fetch and parse arbitrary URLs and web pages (e.g., OpenClaw Integration sessions_spawn: "Fetch and parse these 50 URLs" and examples/claude-code.md: "Fetch these 20 URLs and extract titles"), so it ingests untrusted public web content that could carry indirect prompt injections.