Ask HN: If there has been no prompt injection, is it safe?

2•sayYayToLife•1h ago
As I use OpenClaw I am concerned about prompt injection more than bad code. However, I think I'm irrationally paranoid. I'm small fries; I'm a single individual. Someone actively trying to hack me is exploiting a multi-million dollar zero day, and they're not doing that on me.

If we're thinking about accidentally deleting everything through a terminal command, I've yet to see this actually occur.

Deductively I can see all of the worst-case scenarios with OpenClaw. Inductively I've never seen it actually happen.

I find it a bit irrational to pretend that OpenClaw is a genuine security risk.

The moment I see on Hacker News that someone got prompt injected, I think I'll be concerned. Until then I would need almost a lottery-like chance to get hacked as the first person through prompt injection.

Comments

TheTaytay•1h ago
I think the more likely attack vector in OpenClaw is convincing it to install a malicious npm package or script, have that siphon all machine/env secrets, and then watch those secrets get abused. (Cloud API key -> crypto mining. Wallet key -> theft. Npm credentials -> worm publishes more copies of itself. GitHub key -> more theft and malicious code upload. Email API key -> IP theft and password reset on other systems.) Almost all of this can be automated, so the attacker doesn’t have to know who you are.

It’s not targeted per se.
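An added example, not part of the comment above: a defensive check for the exposure it describes, auditing which secret-looking environment variables a child process (an install script, an agent tool call) would inherit and building an allowlisted environment instead. The name patterns, the allowlist and `SAMPLE_ENV` are constructed for illustration.

```python
import os
import re
import subprocess
import sys

# Heuristic name patterns for credentials (assumed for this example).
SECRET_NAME = re.compile(
    r"(TOKEN|SECRET|PASSWORD|PASSWD|CREDENTIAL|API_?KEY|PRIVATE_?KEY"
    r"|^AWS_|^NPM_|^GH_|^GITHUB_)", re.I)

# Variables a package install normally needs; everything else is dropped.
ALLOW = {"PATH", "HOME", "LANG", "TERM", "TMPDIR"}

# Constructed sample environment, mirroring the secret types in the comment.
SAMPLE_ENV = {
    "PATH": os.environ.get("PATH", "/usr/bin:/bin"),
    "HOME": "/home/dev",
    "EDITOR": "vim",
    "AWS_SECRET_ACCESS_KEY": "constructed-value",
    "NPM_TOKEN": "constructed-value",
    "GITHUB_TOKEN": "constructed-value",
    "WALLET_PRIVATE_KEY": "constructed-value",
}

def audit_env(env):
    """Names of secret-looking variables any child process would inherit."""
    return sorted(k for k in env if SECRET_NAME.search(k))

def minimal_env(env, extra_allow=()):
    """Allowlist rather than denylist: keep only known-needed variables."""
    keep = ALLOW | set(extra_allow)
    return {k: v for k, v in env.items()
            if k in keep and not SECRET_NAME.search(k)}

def child_visible_names(env):
    """Spawn a child with `env` and return the variable names it can read."""
    code = "import os; print('\\n'.join(sorted(os.environ)))"
    out = subprocess.run([sys.executable, "-c", code], env=env,
                         capture_output=True, text=True, check=True).stdout
    return set(out.split())

if __name__ == "__main__":
    print("inherited secrets:", audit_env(SAMPLE_ENV))
    safe = minimal_env(SAMPLE_ENV)
    print("child sees:", sorted(child_visible_names(safe)))
    # The same env can be passed to e.g. `npm ci --ignore-scripts`,
    # which also skips package lifecycle scripts.
```

Scrubbing the environment does not cover credential files under `HOME` (for example `~/.npmrc` or cloud CLI config), so pointing `HOME` at a throwaway directory or running the install in a container closes that remaining path.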

verdverm•45m ago
> I find it a bit irrational to pretend that OpenClaw is a genuine security risk.

Except that it is an actual security risk; no pretending is needed. In general, agents expand the security surface and attack vectors, regardless of framework.

Your argument that it hasn't happened, therefore it doesn't exist, is a well-known cognitive bias.

See the Lethal Trifecta for one way in which security requires more thoughtfulness.
