docs(security)!: document messaging-only onboarding default and hook/model risk

Peter Steinberger
2026-03-02 18:15:43 +00:00
parent 718d418b32
commit cf5702233c
8 changed files with 20 additions and 0 deletions

@@ -538,6 +538,11 @@ Guidance:
- Only enable temporarily for tightly scoped debugging.
- If enabled, isolate that agent (sandbox + minimal tools + dedicated session namespace).
Hooks risk note:
- Hook payloads are untrusted content, even when delivery comes from systems you control (mail/docs/web content can carry prompt injection).
- Weak model tiers increase this risk. For hook-driven automation, prefer strong modern model tiers and keep tool policy tight (`tools.profile: "messaging"` or stricter), plus sandboxing where possible.
### Prompt injection does not require public DMs
Even if **only you** can message the bot, prompt injection can still happen via
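Review bot: The "Weak model tiers increase this risk" bullet in the hooks risk note reads as if picking a stronger model tier were a mitigation for prompt injection; I would reword it so that tool policy and sandboxing are stated as the controls that bound what an injected instruction can do, and model choice only as something that changes the likelihood of the model following it. The note should also say where a hook's model tier and tool profile are actually set (it cites `tools.profile: "messaging"` but not the config location, and "or stricter" does not name which profiles count as stricter), so a reader of this guidance can apply it rather than just be warned.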