I really don’t understand the widespread adoption of OpenClaw when a simple prompt injection in an email, chat message, or calendar event has the potential to leak the credentials/keys for every attached service.
There are going to be some incredible blow ups due to this. From the sound of it people think they're safe by running it with local models and keeping it on their own network but seem to have zero concept of a malicious text prompt finding its way in and turning it into a double agent who figures out how to exfiltrate data.
This... OpenClaw is the best thing to happen to security and forensic firms since Windows XP. The amount of hacks, data/credential leaks, etc to come out of this will be of unfathomable proportions.
Paradoxically this is good in long term. A series of massive fuckups reported by mainstream media has more educational value than disclaimers or warnings by competent people.
