AI SECURITY RESEARCH

Real AI security, before it ships

Prompt injection, agent abuse, exposed surfaces, and release risk.

Open risk board

THIS WEEK

AI security signals worth tracking

Each signal answers three questions: what the attack path is, where the exposure lives, and how to handle it.

01

PROMPT INJECTION

Latest research

Prompt injection moved downstream

Retrieval, orchestration, and hidden instructions are the new weak point.

Read research

02

TOOL ABUSE

Operator note

Runtime permission is the blast radius

Fetch, shell, subprocess, and connectors decide how far a prompt can go.

Browse archive

03

PUBLIC EXPOSURE

Proof layer

Exposure turns theory into incident

OpenClaw shows which endpoints, docs, and agent interfaces are reachable now.

Open OpenClaw

THREAT SURFACE

What AIPwn tracks

The surfaces where AI risk becomes reachable.

CURRENT TRACKING

01 Input path

Prompt Injection

Instruction override, hidden tool calls, indirect poisoning, and retrieval chains.

02 Runtime

Tool Abuse

Shell execution, downloader chains, connector misuse, and runtime permissions.

03 Secrets

Secret Exposure

Leaked API keys, unsafe logs, public config artifacts, and long-lived credentials.

04 Exposure

Public Surface

Open docs, unauthenticated endpoints, and exposed agent interfaces.

PROOF LAYER

Risk needs verifiable evidence

OpenClaw turns public exposure into a trackable board: target, issue, risk level, and current status.

  • Make exposure visible.
  • Track docs, endpoints, auth, and runtime behavior.
  • Reuse the same evidence in policy and gates.

OPENCLAW PREVIEW

Recent exposed surfaces

Target                  Risk     Issue                    Status
api.assistant-demo.ai   High     Public docs + no auth    Public
tools.ops-agent.dev     High     Shell-capable runtime    Review
rag-preview.example     Medium   Prompt injection path    Tracked
share.agent-lab.run     Medium   Leaked token artifact    Restricted

RESEARCH

Read the attack path before it spreads

Short research notes on real AI security failures.

Open risk board