clawsec-scanner
Warn
Audited by Snyk on May 15, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). The skill autonomously fetches advisory text from public CVE APIs (scripts/query_cve_databases.mjs → OSV/NVD) and, critically, discovers and executes third-party hook handler code from installed skills (scripts/dast_runner.mjs + scripts/dast_hook_executor.mjs). It then includes those tools' outputs and error/text fields in the unified report, which handler.ts posts into conversation messages, so untrusted, user-supplied content can be reflected back to the agent and influence its subsequent actions.
Issues (1)
W011
MEDIUM: Third-party content exposure detected (indirect prompt injection risk).
Audit Metadata