
Ask HN: If there has been no prompt injection, is it safe?

2•sayYayToLife•3h ago
As I use OpenClaw, I am concerned about prompt injection more than bad code. However, I think I'm irrationally paranoid. I'm small fries; I'm a single individual. Someone actively trying to hack me is exploiting a multi-million-dollar zero-day, and they're not doing that on me.

If we're thinking about accidentally deleting everything through a terminal command, I've yet to see this actually occur.

Deductively, I can see all of the worst-case scenarios with OpenClaw. Inductively, I've never seen it actually happen.

I find it a bit irrational to pretend that OpenClaw is a genuine security risk.

The moment I see on Hacker News that someone got prompt injected, I think I'll be concerned. Until then, I would need an almost lottery-like chance to get hacked as the first person through prompt injection.

Comments

TheTaytay•3h ago
I think the more likely attack vector in OpenClaw is convincing it to install a malicious npm package or script, having that siphon all machine/env secrets, and then watching those secrets get abused. (Cloud API key -> crypto mining; wallet key -> theft; npm credentials -> worm publishes more copies of itself; GitHub key -> more theft and malicious code upload; email API key -> IP theft and password resets on other systems.) Almost all of this can be automated, so the attacker doesn't have to know who you are.

It's not targeted per se.

verdverm•2h ago
> I find it a bit irrational to pretend that OpenClaw is a genuine security risk.

Except that it is an actual security risk, no pretending is needed. In general, agents expand the security surface and attack vectors, regardless of framework.

Your argument that it hasn't happened, therefore it doesn't exist, is a well-known cognitive bias.

See the Lethal Trifecta for one way in which security requires more thoughtfulness.

MarcelinoGMX3C•30m ago
I've been on the defense side for a while, and the "it hasn't happened yet" argument is dangerous territory. The surface area for attack definitely increases with agentic systems.

The comment about malicious package installs is a much more realistic threat, as an example. Prompt injection is one angle, but defending against a supply chain compromise or an agent being tricked into exfiltrating secrets should be a higher priority. That's a more direct and exploitable vector.
