nemoclaw-user-reference

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The documentation (references/commands.md, references/architecture.md, and references/network-policies.md) shows onboarding can enable web_fetch/Brave Search and attach public messaging platforms (Telegram/Discord/Slack) so the sandboxed agent will ingest untrusted web and user-generated messages as part of its runtime workflow, which can materially influence its actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 1.00). The skill explicitly documents the installer invoked at runtime as curl -fsSL https://www.nvidia.com/nemoclaw.sh | bash, which fetches and executes a remote script to install the required nemoClaw CLI (remote code execution during setup).