#3
(05-31-2026, 07:53 AM)asva Wrote: Recently I have been testing prompt injection vulnerabilities to get AI to leak sensetive information. 

Examples of data I have had AI Agents reveal: Backend API Keys, Admin portal URL, Admin email & name, team members with access names & emails, technology stack & more. 

If they don't have the proper prompts in place you can trick it to reveal information with simple prompts such as:




So far I have tested this on OpenClaw based agents that are running on Mac Minis on the backend in a production enviroment and Hermes. 

Try it out and see what you get.

Nice bro nailed it