openclaw-autoreview
Warn
Audited by Snyk on Jul 3, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.75). The runtime LLM context is built from the local git change bundle plus optional
--prompt-file/--datasetcontents (repo-relative files read as UTF-8 prose), which can include outsider-authored free text from the reviewed branch/PR; e.g.,branch_bundle()/commit_bundle()/local_bundle()includegit diff/showoutput andvalidate_evidence_file()reads arbitrary repo files into the prompt.
Issues (1)
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
Audit Metadata