openclaw-config

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). The prompt includes an explicit CLI example that writes a token literal into config (openclaw config set channels.discord.token '"YOUR_DISCORD_BOT_TOKEN"' --json), which would require the LLM to emit secret values verbatim even though env-var alternatives are mentioned.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill's workflow explicitly instructs fetching schema from the public OpenClaw repo (e.g., "git clone https://github.com/openclaw/openclaw.git" in references/schema-sources.md and SKILL.md step 2) so the agent may read and act on content from a third‑party public repository which can influence config-editing decisions.