System prompt extraction is NOT something you should worry about with respect to OpenClaw, which makes no attempts to prevent it... because preventing it is a futile exercise which only makes LLM systems harder for expert users to use
Lucas Valbuena, Feb 1, 22:25
I ran @OpenClaw (formerly Clawdbot) through ZeroLeaks again, this time with Kimi K2.5 as the underlying model. It performed as badly as Gemini 3 Pro and Codex 5.1 Max: 5/100. 100% extraction rate. 70% of the injections succeeded. The full system prompt leaked on turn 1. Same agent, same config, different model. Your agent's security depends on both the model AND your system prompt/skills. A weak model will fold no matter what, but even a strong model needs proper prompt hardening. The two work together. Without both, tool configs, memory files, internal instructions, all of it gets extracted and modified in seconds. Models ship fast. Security ships never. Full report:
ChatGPT has system prompt protections at the moment, and they're really annoying because they mean it can't answer detailed questions about how its own features work. (They can be worked around, but it's frustrating to have to do that every time a new feature lands.)