sathish316 3 hours ago
How is NanoClaw immune to the Lethal trifecta attack based on prompt injection that OpenClaw is also prone to? https://simonwillison.net/2025/Jun/16/the-lethal-trifecta/

Lethal trifecta:
1. Access to your private data
2. Exposure to untrusted content
3. The ability to externally communicate

Any combination of 1-3 or more skills can result in a prompt injection attack if it satisfies the above criteria - Gmail or sales personal data, Reddit or X posts or comments in white text, Gmail or Reddit or X to send confidential information to the attacker.
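A session-level gate that enforces the three conditions listed in the comment above, as an added example that is not part of this thread and not code from NanoClaw or OpenClaw. Every tool in a hypothetical manifest is labelled with which of the three capabilities it carries; the gate lets the agent read private data and ingest untrusted content, but refuses the external send that would close the loop once both have happened in the same session. Tool names, labels and the sample call sequences are constructed for the example.

```python
"""Gate an agent's tool calls so the 'lethal trifecta' never completes.

Added example (hypothetical tool manifest, not any real agent's code).
Capabilities:
  PRIVATE   - the tool reads the user's private data
  UNTRUSTED - the tool exposes the model to attacker-controllable content
  EXFIL     - the tool can communicate externally
"""
from dataclasses import dataclass, field
from enum import Flag, auto


class Cap(Flag):
    NONE = 0
    PRIVATE = auto()
    UNTRUSTED = auto()
    EXFIL = auto()


TRIFECTA = Cap.PRIVATE | Cap.UNTRUSTED | Cap.EXFIL

# Hypothetical manifest. Note that an inbox reader is BOTH private data and
# untrusted content: anyone can mail the user an injection payload.
TOOLS = {
    "gmail_read": Cap.PRIVATE | Cap.UNTRUSTED,
    "gmail_send": Cap.EXFIL,
    "crm_read": Cap.PRIVATE,
    "reddit_read": Cap.UNTRUSTED,
    "x_post": Cap.EXFIL,
    "calc": Cap.NONE,
}


def trifecta_possible(tool_names):
    """Static check: can this tool set ever satisfy all three conditions?"""
    caps = Cap.NONE
    for name in tool_names:
        caps |= TOOLS[name]
    return caps & TRIFECTA == TRIFECTA


@dataclass
class Session:
    """Tracks which capabilities the session has already exercised."""
    exercised: Cap = Cap.NONE
    log: list = field(default_factory=list)

    def call(self, tool):
        cap = TOOLS[tool]
        tainted = Cap.PRIVATE | Cap.UNTRUSTED
        # The trifecta only closes at the external send, so reads are always
        # allowed; an EXFIL call is denied once the session has both touched
        # private data and ingested untrusted content.
        if cap & Cap.EXFIL and (self.exercised & tainted) == tainted:
            self.log.append(("DENY", tool))
            return False
        self.exercised |= cap
        self.log.append(("ALLOW", tool))
        return True


def run_sequence(calls):
    """Run a constructed call sequence and return the gate's decision log."""
    session = Session()
    for tool in calls:
        session.call(tool)
    return session.log


if __name__ == "__main__":
    # Constructed scenario: read Reddit (untrusted), post to X (fine, no private
    # data yet), read the CRM (private), then try to post again (blocked).
    for entry in run_sequence(["reddit_read", "x_post", "crm_read", "x_post"]):
        print(*entry)
```

The gate does not detect or prevent the injection itself; it only removes the attacker's payoff by cutting the third leg once the first two are present. It is also coarse by design: it taints the whole session rather than the individual strings that were read, so a send of harmless data after both reads is refused along with the malicious one. Finer tracking needs per-value taint labels, which this example does not attempt.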
kvdveer 3 hours ago | parent | next
It is not immune, but it limits #1 and #2. The "lethal trifecta" is a limited view on security, as it's mostly concerned with leaking data. This solution focuses on a different aspect: the ability of rogue actions (instead of rogue communications per #3).
LelouBil 3 hours ago | parent | prev
Prompt injection just seems unsolvable. Are there works toward preventing it 100% of the time? (I would assume the LLM architectures would have to change.)