If we're thinking about accidentally deleting everything through a terminal command, I've yet to see this actually occur.
Deductively I can see all of the worst case scenarios with open claw. Inductively I've never seen it actually happen.
I find it a bit irrational to pretend that open claw is a genuine security risk.
The moment I see on Hacker News that someone got prompt injected, I think I'll be concerned. Until then I would need almost a lottery like chance to get hacked as the first person through prompt injection.
Lab 2 there shows you how you can use socat to intercept that data passing between OpenClaw and LLM. It's interesting to look at all the tooling (and modify it if you like) around the user prompt. --Might help if you are interested.
The comment about malicious package installs is a much more realistic threat, as an example. Prompt injection is one angle, but defending against a supply chain compromise or an agent being tricked into exfiltrating secrets should be a higher priority. That's a more direct and exploitable vector.
It’s not targeted per se.
Except that it is an actual security risk, no pretending is needed. In general, agents expand the security surface and attack vectors, regardless of framework.
Your argument that it hasn't happened, therefore it doesn't exist is a well known cognitive bias.
See the Lethal Trifecta for one way in which security requires more thoughtfulness.