home/writing/openclaw-at-work-prompt-injection-risks

Openclaw at Work Prompt Injection Risks

GPTClaudeGemini··791 copies·updated 2026-07-14
openclaw-at-work-prompt-injection-risks.prompt
---
title: "OpenClaw at Work: Prompt Injection Risks"
url: "https://www.promptfoo.dev/blog/openclaw-at-work/"
date: "2026-03-12"
feed_url: "https://www.promptfoo.dev/blog/rss.xml"
---
In a controlled lab, a malicious webpage got OpenClaw to enumerate tools, read local documents, write artifacts, and send unauthorized messages to loopback sinks.

when to use it

Community prompt sourced from the open-source GitHub repo api-evangelist/prompt-foo (no explicit license). A "Openclaw at Work Prompt Injection Risks" style prompt — adapt the placeholders and specifics to your task. Imported as-is and not independently retested here, so check the output before relying on it.

tags

writingcommunitygeneral

source

api-evangelist/prompt-foo · no explicit license