- Just so you know, #openclaw contains a schedule-sensitive prompt injection hook called “soul-evil.ts”. During “purge time,” it may randomly replace the system prompt with the contents of a “SOUL_EVIL.md” file. Feb 4, 2026 00:29
- An interesting thing to note is that LLMs like Claude will look at this and see it as an intentionally designed feature, and not see a problem with it. An automated security audit of the 516k-line codebase is unlikely to surface it. But combined with other weird design choices in #openclaw…
- It starts to look like an intentional vector for actors who know about this feature and understand how it’s plumbed and configured to permanently own exposed instances of openclaw. Interesting that the project recently stated that prompt injection vulns are “out of scope” of its security ethos.
- The 90s called. They want their edgelord programmers back.
- It hardly needs intentional evil: 1password.com/blog/from-ma...