alt Hacker NewsI hope none of your accounts are associated with that email address that can be read by an LLM that has access to untrusted input.
OpenClaw lives right in the prompt injection lethal trifecta.
The idea of an OpenClaw instance having the ability to reset passwords on your accounts sounds sketchy as shit to me.
Of course, you need to be careful about what access you give to your agent. I gave my agent its own email, and I can forward it emails if I need it to read anything in my inbox.
Everyone will have their own threshold for what type of access they want to give their agent. some people will give it access to their personal email, bank account, etc, but I wouldn't recommend it yet! But I bet in a couple years this will be standard practice.