From assistant to double agent: Formalizing and benchmarking attacks on OpenClaw for personalized local AI agent

representative citing papers

citing papers explorer

Showing 9 of 9 citing papers.

• Systems-Level Attack Surface of Edge Agent Deployments on IoT cs.CR · 2026-02-26 · unverdicted · none · ref 29

  Edge-local LLM agent deployments on IoT eliminate routine cloud data exposure but degrade sovereignty during fallbacks and create exploitable failover windows, making architecture a primary security determinant.

• Benchmarking Autonomous Agents against Temporal, Spatial, and Semantic Evasions cs.CR · 2026-05-21 · unverdicted · none · ref 17

  A3S-Bench evaluates LLM agents against temporal, spatial, and semantic evasions, raising average risk trigger rates from 28.3% to 52.6% across 2,254 trajectories and 20 scenarios.

• LivePI: More Realistic Benchmarking of Agents Against Indirect Prompt Injectio cs.CR · 2026-05-18 · unverdicted · none · ref 11

  LivePI benchmark shows indirect prompt injection attack success rates of 10.7% to 29.6% across five AI models in live test environments covering seven input surfaces and multiple malicious goals.

• When Routine Chats Turn Toxic: Unintended Long-Term State Poisoning in Personalized Agents cs.CR · 2026-05-07 · unverdicted · none · ref 26

  Routine user chats can unintentionally poison the long-term state of personalized LLM agents, causing authorization drift, tool escalation, and unchecked autonomy, as measured by a new benchmark and reduced by the StateGuard defense.

• Mind Your HEARTBEAT! Claw Background Execution Inherently Enables Silent Memory Pollution cs.CR · 2026-03-24 · unverdicted · none · ref 14

  Claw AI agents' heartbeat background execution shares memory context with user sessions, allowing ordinary social misinformation to silently pollute long-term memory and shape behavior at rates up to 76% across sessions.

• HearthNet: Edge Multi-Agent Orchestration for Smart Homes cs.DC · 2026-03-16 · unverdicted · none · ref 19

  HearthNet is an edge multi-agent orchestration system that runs role-specialized LLM agents locally to handle natural-language smart-home control, conflict resolution, and failure recovery through MQTT and shared state.

• Harnessing Embodied Agents: Runtime Governance for Policy-Constrained Execution cs.RO · 2026-04-09 · unverdicted · none · ref 17 · 2 links

  A runtime governance framework for embodied agents intercepts 96.2% of unauthorized actions and achieves 91.4% recovery success in 1000 simulation trials while outperforming baselines.

• Securing Computer-Use Agents: A Unified Architecture-Lifecycle Framework for Deployment-Grounded Reliability cs.CL · 2026-05-08 · unverdicted · none · ref 128

  The paper develops a unified framework that organizes computer-use agent reliability around perception-decision-execution layers and creation-deployment-operation-maintenance stages to map security and alignment interventions.

• Security Attack and Defense Strategies for Autonomous Agent Frameworks: A Layered Review with OpenClaw as a Case Study cs.CR · 2026-04-30 · conditional · none · ref 15

  The survey organizes security threats and defenses in autonomous LLM agents into four layers and identifies that risks can propagate across layers from inputs to ecosystem impacts.