openclaw-china-integration
Warn
Audited by Snyk on May 17, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). The SKILL.md clearly shows the agent ingesting untrusted user-generated content from third-party IM platforms (e.g., channel.on('message', async (message) => { const response = await openclawAgent.chat(message.content); }) and file/voice handlers like wecomApp.on('file') → downloadMedia → openclawAgent.analyzeFile and wechatMP.on('voice') using voiceMessage.recognizedText), so external messages/files can influence agent behavior.
Issues (1)
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).