is a London-based reporter at The Verge covering all things AI and Senior Tarbell Fellow. A hacker tricked a popular AI coding tool into installing OpenClaw — the viral, open-source AI agent OpenClaw that “actually does things” — absolutely everywhere. The hacker used their access to slip through instructions to automatically install software on users’ computers. It’s a sign of how quickly things can unravel when AI agents are given control over our computers. They may look like clever wordplay — one group wooed chatbots into committing crimes with poetry — but in a world of increasingly autonomous software, prompt injections are massive security risks that are very difficult to defend against.