The latest articles on DEV Community by LiYuo (@liyuo). https://dev.to/liyuo https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F3891198%2F5884578a-8e83-4160-b1c7-e42c2776703d.jpeg https://dev.to/liyuo en LiYuo Wed, 22 Apr 2026 06:56:10 +0000 https://dev.to/liyuo/attacks-via-openclaw-when-your-llm-can-make-rce-3gdc https://dev.to/liyuo/attacks-via-openclaw-when-your-llm-can-make-rce-3gdc <p>An attack on OpenClaw that was not recognized as a vulnerability by the OpenClaw Security Team. Essentially, it’s an Indirect Prompt Injection (or a reflected prompt injection, if we draw an analogy with Reflected XSS). In short, yet another RCE. It’s just interesting - right now everything related to the security of AI-agents and how they can be hacked is interesting.</p> <p>Original article: <a href="https://purpleshift.io/articles/2026-04-21-openclaw/" rel="noopener noreferrer">https://purpleshift.io/articles/2026-04-21-openclaw/</a></p> ai security openclaw