skill-vetting

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The SKILL.md workflow explicitly downloads external skill packages from https://clawhub.ai/api/v1/download?slug=SLUG and the architecture/mediate steps (described in ARCHITECTURE.md and SKILL.md) present extracted code and comments from those untrusted, user-contributed skill files to LLM reviewers for making install/reject decisions, so third-party content is ingested and can influence agent actions.