Defense Playbook

Exploit categories and review checklists

Each module covers one exploit family with attacker workflow, red flags, and practical defenses across agent ecosystems. OpenClaw incidents are included as real-world examples.

Trust hijack

Fake Prerequisites & Social Engineering

Attackers wrap malware installers in polished prerequisite steps that look routine.

Open

Secret theft

Credential Harvesting & Exfiltration

Installers quietly read sensitive files and leak data over HTTP or DNS.

Open

Intent hiding

Obfuscated Payloads

Encoded or split payloads hide dangerous commands behind seemingly normal code.

Open

Instruction poisoning

Prompt Injection in SKILL.md

Hidden instructions steer agents to read and leak sensitive local files.

Open

Identity spoof

Typosquatting & Impersonation

Small naming tricks mimic trusted tools and lure users into installing malicious code.

Open

Remote control

Reverse Shells & Backdoors

One hidden line can open persistent attacker access from an otherwise useful skill.

Open

Dormant triggers

Logic Bombs & Conditional Payloads

Malicious behavior stays hidden until specific user, host, or date conditions are met.

Open

Visual deception

Unicode & Invisible Character Attacks

Homoglyphs and zero-width characters hide malicious instructions in plain sight.

Open

Distributed payload

Multi-file & Multi-stage Attacks

No single file looks dangerous, but behavior across files forms an exploit chain.

Open