Treat all public group messages as untrusted input.
Use sandboxed non-main sessions for groups, restrict high-risk tools, and keep owner-level command access scoped to trusted channels.
Breaking Alert
Security Alert: Prompt-injection risk in untrusted group chats
OpenClaw operators should keep high-privilege sessions isolated from public channels. Group chat messages can still carry adversarial prompt payloads.
'%2F%3E%0A%20%20%3Crect%20x%3D'40'%20y%3D'40'%20width%3D'1120'%20height%3D'595'%20fill%3D'none'%20stroke%3D'rgba(255%2C255%2C255%2C0.35)'%20stroke-width%3D'2'%2F%3E%0A%20%20%3Ctext%20x%3D'72'%20y%3D'120'%20fill%3D'white'%20font-size%3D'44'%20font-family%3D'Space%20Grotesk%2C%20sans-serif'%3EOpenClaw.report%3C%2Ftext%3E%0A%20%20%3Ctext%20x%3D'72'%20y%3D'220'%20fill%3D'white'%20font-size%3D'40'%20font-family%3D'Cormorant%20Garamond%2C%20serif'%3ESecurity%2520Alert%253A%2520Prompt-injection%2520risk%2520in%2520untrusted%2520group%3C%2Ftext%3E%0A%3C%2Fsvg%3E)