build-openclaw-plugin

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's required workflow and guides (e.g., references/guides/channel-provider-setup.md and references/guides/tool-registration.md, cited in SKILL.md) explicitly instruct building channels that ingest messages from Telegram/Discord/webhooks and tools that perform web scraping, meaning the plugin will consume untrusted user-generated/public web content that can influence model tool selection and actions.