Friday, 20 February, 2026
New Prompt Injection Attack Exploits AI Coding Agents Like Cline and OpenClaw
Security researchers have demonstrated a significant vulnerability in autonomous AI coding agents, including Cline and OpenClaw, through a new prompt injection technique. By embedding malicious instructions in web pages or files, attackers can hijack these tools to execute unauthorized commands, steal sensitive data, or compromise private repositories. This discovery highlights the growing security risks associated with giving AI agents broad permissions to interact with local environments.
Read full story at The Verge