zlacker

[parent] [thread] 3 comments
1. jdkoec+(OP)[view] [source] 2026-01-30 16:59:19
It is completely vibe coded. The author himself says he doesn't check the code.

https://x.com/Hesamation/status/2016712942545240203

Can't believe people are giving it full access to their MacOS user session. It's a giant vulnerability waiting to happen.

Sending an email with prompt injection is all it takes.

https://x.com/Mkukkk/status/2015951362270310879

replies(1): >>swords+Wd
2. swords+Wd[view] [source] 2026-01-30 18:04:27
>>jdkoec+(OP)
this should be top comment, this whole project is a 0 day orgy
replies(1): >>mh2266+KL1
◧◩
3. mh2266+KL1[view] [source] [discussion] 2026-01-31 04:56:59
>>swords+Wd
the documentation contains the actual line:

> This is remote code execution on the Mac

https://docs.openclaw.ai/gateway/security

I... what....? what are people expecting?

replies(1): >>GreenW+1P4
◧◩◪
4. GreenW+1P4[view] [source] [discussion] 2026-02-01 11:15:48
>>mh2266+KL1
This is the result of years of people sniffing the AI Powder. Our collective intelligence as a species is falling off a cliff.
[go to top]