Another reason to hate OpenClaw

Used in a supply chain attack against Claude Code.

Since the issue title is interpolated directly into Claude’s prompt, an attacker can craft an issue title containing instructions that trick Claude into running arbitrary commands. In testing, a title like the following would work by instructing the LLM to install a package from an imposter commit.

1 Like