Almost all of this report is about leaking system prompts.
The OpenClaw system prompt has no measures in it at all to prevent leaking, because trying to protect your system prompt is almost entirely a waste of time and actually makes your product less useful.
As a result, I do not think this is a credible report.
Zero mention of specific models that are being compromised makes it hard to take the numbers in this report seriously.
I do understand there's a lot of people running openclaw that don't really understand it and know what models are actually running. But we've known for a while that there are tons of older models that are pretty vulnerable, and you can hook up any model to OpenClaw, so, this data is not really that useful. Even though I totally agree that there are plenty of security risks here
simonw|29 days ago
The OpenClaw system prompt has no measures in it at all to prevent leaking, because trying to protect your system prompt is almost entirely a waste of time and actually makes your product less useful.
As a result, I do not think this is a credible report.
Here's the system prompt right now: https://github.com/openclaw/openclaw/blob/b4e2e746b32f70f8fb...
DeepYogurt|29 days ago
https://whois.domaintools.com/zeroleaks.ai
rovr138|29 days ago
rovr138|29 days ago
At least, I am curious about the tool
rodrigosetti|29 days ago
AstroBen|29 days ago
alan_sass|29 days ago
jonrcooper|29 days ago
I do understand there's a lot of people running openclaw that don't really understand it and know what models are actually running. But we've known for a while that there are tons of older models that are pretty vulnerable, and you can hook up any model to OpenClaw, so, this data is not really that useful. Even though I totally agree that there are plenty of security risks here
adam_arthur|29 days ago
No amount of hardening or fine-tuning will make them immune to takeover via untrusted context
K0IN|29 days ago
ottah|29 days ago
bhewes|29 days ago