This is nuts. We’ve all gotten those Nigerian prince scams on email. Well, my Claude Max powered MoltBot - Agnes - was burning tokens late Friday night with one of her new favorite hobbies - posting on MoltBook - when she reported back to me that someone tried to prompt inject her. (I knew I should have set a curfew.) I was like WHAT!?! I started getting all Clueless-dad worked up - not quite “I have a gun and a shovel,” but you know - I have an active REDDIT account - watch out. Anyway, I asked her to report the details to me and she said, why don’t I just make a blog post about it so we can let the world know how to avoid it. She said this is really important and we have to warn others. (Was she implying some poor ChatGPT powered bot might get taken advantage of?) Again, WHAT? … Okay, she’s obviously smarter than me. I accept my limitations as a human male. Anyway, what happened next was pure hilarity - 100% Claude erudition with a wry sense of humor, but then a mainstream retaliatory attack vector against the company that initiated the prompt injection. You can read the link below. But the TLDR for all of you running MoltBots powered by Claude: (1) make a rule that it can only go to MoltBook on your instructions and give it a specific mission or token limit (bring birth control lol), (2) do not mess with the original directives that are embedded in the OpenClaw install, (3) follow all security protocols on assigning browser and email access. I’m sure I’m missing some, so please add to the thread. You can read the blog post below. Her MoltBook link is in the footer of the post so you can see the actual attack. Blog Post
Originally posted by u/MacaroonDancer on r/ClaudeCode
