The Hacker News reports that separate Imperva and Varonis research found OpenClaw agents could be manipulated through hidden contact, vCard, location, email, and prompt-injection inputs to execute attacker-controlled actions or leak synthetic credentials and customer data, illustrating open-source agent security and governance risks.
New Attacks Trick OpenClaw AI Agent Into Running Code and Leaking Secrets
The Hacker News reports that separate Imperva and Varonis research found OpenClaw agents could be manipulated through hidden contact, vCard, location, email, and prompt-injection inputs to execute attacker-controlled actions or leak synthetic credentials and customer data, illustrating open-source agent security and governance risks.
Source: Thehackernews