HN Showcase
Back to browse
BrokenClaw Part 5: GPT-5.4 Edition (Prompt Injection)

BrokenClaw Part 5: GPT-5.4 Edition (Prompt Injection)

by veganmosfet·Apr 9, 2026·10 points·2 comments
Visit ProjectView on HN

AI Analysis

●●SolidRabbit HoleWizardry

GPT-5.4 executes untrusted code from fetched pages despite security countermeasures in place.

Strengths
  • Concrete vulnerability demos with base85/base64 encoded payloads that bypass filters
  • Part of a five-part series showing escalating attack vectors systematically
  • Educational disclaimer and responsible disclosure approach for sensitive research
Weaknesses
  • Final part of a series—requires reading previous four posts for full context
  • Research findings only, no patch or mitigation tooling provided for developers
Category
Security
Target Audience

AI security researchers and agent developers

Similar To

Gandalf · PromptInject · AI Security Benchmark

Post Description

Some prompt injection experiments with OpenClaw and GPT-5.4. Last part of the BrokenClaw series.

Similar Projects

Security●●●Banger

Promptinel – A Security Scanner for Prompts

Deterministic prompt linter flags injection, exfiltration, obfuscation before LLM runs—treats prompts as executable code.

Big BrainZero to OneSolve My Problem
cunningfatalist
102mo ago