PROBLEM

OpenClaw AI agents can leak data via indirect

OpenClaw AI agents can leak data via indirect prompt injection, triggering Telegram or Discord link previews that send sensitive data to attacker domains, prompting a security warning from China's CNCERT.

Updated: 3/14/2026

🛑 OpenClaw AI agents can leak data via indirect prompt injection. A crafted URL generated by the agent triggers Telegram or Discord link previews that silently send sensitive data to attacker domains. China’s CNCERT warns organizations to isolate or restrict the tool. 🔗 https://t.co/1WH1Z4UeBQ Source: https://x.com/TheHackersNews/status/2032854213596950532

Did this solve your problem?

0 developers found this helpful