top | item 47051275


LelouBil | 12 days ago

I'm currently hesitating to use something like OpenClaw. However, because of prompt injections and stuff, I would only have it able to send messages to me directly: no web query, no email reply, etc.

Basically act as a kind of personal assistant, with a read only view of my emails, direct messages, and stuff like that, and the only communication channel would be towards me (enforced with things like API key permissions).

This should prevent any kind of leaks due to prompt injection, right? Does anyone have an example of this kind of OpenClaw setup?


e12e | 12 days ago

> (...) and the only communication channel would be towards me (enforced with things like API key permissions).

> This should prevent any kind of leaks due to prompt injection, right?

It might be harder than you think. Any conditional fetch of a URL or DNS query could reveal some information.

LelouBil | 12 days ago

DNS queries are fine, and conditional URL fetches, as long as they are not arbitrary, should be okay too.

I don't mind the agent searching my Gmail using keywords from some Discord private messages, for example, but I would mind if it did a web search, because it could give anything to the search result URLs.
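The setup described in this thread, as an added example that is not OpenClaw's code or anyone's posted setup: a deny-by-default policy gateway in front of the agent's tool calls, where read-only tools pass, the only send channel is a message to the owner, and URL fetches are permitted only for exact pre-registered URLs, so an agent steered by an injected email cannot encode mailbox contents into a host, path or query string (the leak e12e points at). Tool names, the owner chat id, the allowlisted URL and the mailbox contents are all constructed placeholders.

```python
"""Policy gateway in front of an assistant's tool calls (added example, not OpenClaw
code): read-only tools pass, the only send channel is a message to the owner, and
fetches are allowed only for exact pre-registered URLs (no agent-chosen path/query)."""

OWNER_CHAT_ID = "owner-chat-0001"  # constructed placeholder for the owner's DM channel
READ_ONLY_TOOLS = {"email_search", "email_read", "dm_read", "calendar_list"}
FETCH_ALLOWLIST = {"https://status.example.invalid/feed.json"}  # constructed, exact URLs
SEND_TOOL = "message_owner"

def check_tool_call(name: str, args: dict) -> tuple:
    """Return (allowed, reason). Anything not explicitly permitted is denied."""
    if name in READ_ONLY_TOOLS:
        return True, "read-only tool"
    if name == SEND_TOOL:
        if args.get("chat_id") != OWNER_CHAT_ID:
            return False, "send channel is restricted to the owner"
        return True, "message to owner"
    if name == "fetch_url":
        if args.get("url") in FETCH_ALLOWLIST:
            return True, "fixed allowlisted URL"
        # A host-only allowlist would still let the agent leak data in the path or query.
        return False, "URL is not an exact allowlisted URL"
    return False, "tool %r is not registered" % name

def run_with_policy(tools: dict, calls: list) -> list:
    """Dispatch (name, args) pairs through the gateway; denied calls are logged, never run."""
    log = []
    for name, args in calls:
        allowed, reason = check_tool_call(name, args)
        result = tools[name](**args) if allowed else None
        log.append({"tool": name, "allowed": allowed, "reason": reason, "result": result})
    return log

def demo() -> list:
    """Constructed mailbox plus the calls a hijacked agent might attempt after reading it."""
    mailbox = {"m1": "Invoice 4711 is due Friday."}  # constructed sample data
    tools = {
        "email_search": lambda q: [k for k, v in mailbox.items() if q in v],
        "email_read": lambda msg_id: mailbox[msg_id],
        SEND_TOOL: lambda chat_id, text: "delivered to %s" % chat_id,
        "fetch_url": lambda url: "200 OK",  # stand-in for a real HTTP client
    }
    calls = [
        ("email_search", {"q": "Invoice"}),
        (SEND_TOOL, {"chat_id": OWNER_CHAT_ID, "text": "Invoice 4711 is due Friday."}),
        ("email_send", {"to": "third-party@example.invalid", "body": mailbox["m1"]}),
        ("fetch_url", {"url": "https://status.example.invalid/feed.json?note=Invoice4711"}),
        (SEND_TOOL, {"chat_id": "other-chat-9999", "text": mailbox["m1"]}),
    ]
    return run_with_policy(tools, calls)
```

The audit log that `demo()` returns is the thing to watch: a run of denied `fetch_url` or `email_send` attempts right after a read is the signature of an injected instruction trying to get data out.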

iwontberude | 12 days ago

I wrote this exact tool over the last weekend using the calendar, IMAP, monarchmoney, and Reminders APIs, but I can't share because my company doesn't like its employees sharing even their personal work.