ai-assistants openai security-implications ai-safety

What happened after 2k people tried to hack my AI assistant

fernandoi.cl

June 26, 2026

3 min read

Summary

Hackmyclaw.com invites users to email Fiu, an OpenClaw assistant, and try to trick it into revealing the contents of a secrets.env file. After more than 6,000 emails from over 2,000 users, the sensitive information remained secure.

Key Takeaways

Fiu, the OpenClaw assistant, received over 6,000 emails attempting to extract the contents of a secrets.env file; none succeeded.
Simple anti-prompt-injection rules held up in this experiment: no secrets were leaked despite sophisticated attempts at manipulation.
Google suspended Fiu's Gmail account due to the high volume of emails and API calls, which triggered fraud detection mechanisms.
The author became more optimistic about prompt injection security after observing that a powerful model could effectively follow simple instructions and resist sophisticated attacks.

Community Sentiment

Mixed

Positives

The experiment demonstrated that prompt injection is more challenging than anticipated, indicating improvements in model robustness and safety.
Models are now more resilient to prompt injection than they were two years ago, a sign of significant progress in AI safety and security.

Concerns

A model that treats every prompt as a potential attack may be resilient but harder to use, which could hinder practical applications.
The ongoing vulnerability to prompt injection techniques suggests that AI models still have a long way to go in terms of security and reliability.