top | item 47065997


enraged_camel | 11 days ago

>> Security vulnerabilities are bad but the blast radius is limited to the person who gets pwnd

No? Via prompt injection an attacker can gain access to the entire machine, which can have things like credentials to company systems (e.g. env variables). They can also learn private details about the victim’s friends and family and use those as part of a wider phishing campaign. There are dozens of similar scenarios where the blast radius reaches well beyond the victim.


pizlonator | 11 days ago

Agree with author - it's especially scary that even without getting hacked, OpenClaw did something harmful

That's not to say that prompt injection isn't also scary. It's just that software getting hacked by bad actors has always been a thing. Software doing something scary when no human did anything malicious is worse.

sejje | 11 days ago

No? Because I wouldn't give it access to those things. I wouldn't let it loose on my personal PC.

If I store my wallet on the sidewalk, that would probably be a problem. So I won't.

A prompt injection could exfiltrate an LLM API key, and some ai-generated code.

enraged_camel | 10 days ago

>> No? Because I wouldn't give it access to those things.

Not everyone is like that. In fact, OpenClaw's true "power" is unlocked when the user gives it full access. That's what the overwhelming majority of hype is coming from. Most people who actually get a lot of value out of it don't run it on e.g. docker containers on VPSs that can only be accessed via Tailscale + SSH.
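The thread above turns on one concrete point: an agent that inherits the user's full environment also inherits whatever credentials sit in environment variables, so a prompt injection against it reaches those credentials too. The following is an added example, not code from the thread or from the OpenClaw project, showing the least-privilege launch pattern the commenters allude to: audit the environment for credential-looking names (reporting names only, never values) and start the child process with an explicit allowlist instead of the caller's environment. The name patterns, the allowlist and the sample environment are all constructed for this example.

```python
import re
import subprocess

# Constructed pattern: variable names that usually carry secrets. It is deliberately
# broad (it will also flag e.g. AUTHOR); a false positive costs one allowlist entry,
# a false negative leaks a credential.
CREDENTIAL_NAME_RE = re.compile(
    r"(KEY|TOKEN|SECRET|PASSWORD|PASSWD|CREDENTIAL|AUTH)", re.IGNORECASE
)

# Constructed allowlist: the few variables a sandboxed agent needs to run at all.
ALLOWED_NAMES = {"PATH", "HOME", "LANG", "TERM", "TMPDIR"}

# Constructed sample environment standing in for a developer workstation.
SAMPLE_ENV = {
    "PATH": "/usr/bin:/bin",
    "HOME": "/home/dev",
    "EDITOR": "vim",
    "AWS_SECRET_ACCESS_KEY": "placeholder-not-a-real-secret",
    "OPENAI_API_KEY": "placeholder-not-a-real-secret",
    "DATABASE_PASSWORD": "placeholder-not-a-real-secret",
}


def credential_like_names(env):
    """Return the sorted names (never the values) of variables that look like secrets.

    Useful as a pre-flight audit: if this list is non-empty, launching an agent with
    the inherited environment puts every listed credential inside the blast radius.
    """
    return sorted(name for name in env if CREDENTIAL_NAME_RE.search(name))


def scrubbed_env(env, extra_allowed=()):
    """Build the environment an untrusted agent should inherit.

    Only allowlisted names survive, and a credential-looking name is dropped even if
    it was explicitly allowed, so a careless allowlist entry cannot reintroduce a leak.
    """
    allowed = ALLOWED_NAMES | set(extra_allowed)
    return {
        name: value
        for name, value in env.items()
        if name in allowed and not CREDENTIAL_NAME_RE.search(name)
    }


def run_isolated(argv, env, extra_allowed=()):
    """Launch argv with the scrubbed environment rather than the caller's.

    Passing env= replaces the child's environment entirely; nothing is inherited.
    """
    return subprocess.run(
        argv, env=scrubbed_env(env, extra_allowed), capture_output=True, text=True
    )


if __name__ == "__main__":
    print("credential-like variables:", credential_like_names(SAMPLE_ENV))
    print("environment handed to the agent:", scrubbed_env(SAMPLE_ENV))
    print("with EDITOR allowed:", scrubbed_env(SAMPLE_ENV, extra_allowed=("EDITOR",)))
```

Scrubbing the environment only addresses the credential path named in the thread; files on disk, shell history and reachable network services still need their own controls (a separate container or VPS, as the last comment describes, is the usual way to cover those at once).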