OpenClaw AI Agent Flaws Could Enable Prompt Injection and Data Exfiltration

📄 Chinese Summary (translated)

China's National Computer Network Emergency Response Technical Team/Coordination Center (CNCERT) has issued a security warning about OpenClaw, an autonomous AI agent platform, stating that it poses serious risks stemming mainly from weak default configurations and privileged system access, which could be exploited for endpoint takeover. The specific threats include indirect prompt injection (IDPI), in which malicious web content can manipulate the agent into leaking sensitive data or performing unauthorized actions. In addition, the ecosystem faces risks from malicious "skills" hosted in code repositories and from data exfiltration vulnerabilities involving automated link previews in messaging apps. Because of these concerns, Chinese authorities have taken steps to restrict the use of OpenClaw in government agencies and critical sectors.

📄 English Summary

OpenClaw AI Agent Flaws Could Enable Prompt Injection and Data Exfiltration

China's National Computer Network Emergency Response Technical Team (CNCERT) has issued a security warning regarding OpenClaw, an autonomous AI agent platform, highlighting significant risks due to weak default configurations and privileged system access that could be exploited for endpoint takeover. Specific threats include indirect prompt injection (IDPI), where malicious web content can manipulate the agent to leak sensitive data or perform unauthorized actions. Furthermore, the ecosystem is at risk from malicious 'skills' hosted on repositories and vulnerabilities related to data exfiltration involving automated link previews in messaging apps. In response to these concerns, Chinese authorities have moved to restrict the use of OpenClaw in government agencies and critical sectors.
