cold-start

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly ingests and processes untrusted third-party/user-generated content—e.g., Google Contacts/Calendar/Gmail via ClawVisor (Phase 2–4 code), conversation exports (Phase 5), and X/Twitter archives/live API (Phase 6) as described in SKILL.md—and uses that content to extract entities, update the brain, and drive subsequent actions and decisions, which enables indirect prompt-injection risk.