Prompt Request Pipeline

This skill bundle is highly suspicious due to multiple severe vulnerabilities that enable remote code execution (RCE) and data exfiltration. The `openclaw.json` configuration (referenced in `SKILL.md` and `examples/sample-hook-config.json`) explicitly sets `allowUnsafeExternalContent: true`, which significantly lowers security barriers. The `templates/messageTemplate.txt` contains direct `exec()` calls with interpolated user-controlled variables (e.g., `OMEGA_BRIDGE_PATH`, `{{issue.number}}`), creating shell injection and RCE risks. Furthermore, the agent is instructed to read and follow external markdown files (e.g., `AGENTS.md`, `SOUL.md`, `SKILL.md`) from the repository itself, and to 'implement each meaningful task' from the issue body, providing extensive prompt injection surfaces. The agent is also instructed to 'Run existing tests' and automatically merge PRs based on its own review, which can be bypassed by a malicious actor to introduce and merge harmful code.