openclaw-help

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's execution flow (SKILL.md Step 2 "Retrieve from Official Docs" which uses WebFetch to fetch pages from docs.openclaw.ai and Step 4 "WebSearch Fallback" which invokes WebSearch) explicitly fetches and reads public web pages and search results, meaning untrusted third‑party content can be ingested and influence answers/actions, exposing the agent to indirect prompt injection.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). The skill explicitly performs runtime WebFetch of the official docs (e.g. https://docs.openclaw.ai and pages like https://docs.openclaw.ai/start/getting-started and https://docs.openclaw.ai/llms.txt), and those fetched pages are incorporated into and directly drive the agent's responses (i.e., control prompts/instructions) as a required runtime dependency.