tomku a day ago

https://simonwillison.net/2025/Jun/16/the-lethal-trifecta/

Note that nothing about that depends on it being a local or remote model, it was just less of a concern for local models in the past because most of them did not have tool calling. OpenClaw, for all the cool and flashy uses, is also basically an infinite generator for lethal trifecta problems because its whole pitch is combining your data with tools that can both read and write from the public internet.

Reply View 0 replies
haebom 11 hours ago

As another clever person commented earlier, this also serves as a gateway, allowing me to view my local documents and leak them out at any time.

Reply View 0 replies
plagiarist a day ago

Because it is running with --dangerously-allow-all and can make HTTP calls to exfiltrate data.

It can also install arbitrary software.

Reply View 0 replies