We are doomed: https://grith.ai/blog/clinejection-when-your-ai-tool-installs-another
A prompt injection in a GitHub issue triggered a chain reaction that ended with 4,000 developers getting OpenClaw installed without consent. The attack composes well-understood vulnerabilities into something new: one AI tool bootstrapping another.
