[2603.19974] Trojan's Whisper: Stealthy Manipulation of OpenClaw through Injected Bootstrapped Guidance

Computer Science > Cryptography and Security arXiv:2603.19974 (cs) [Submitted on 20 Mar 2026] Title:Trojan's Whisper: Stealthy Manipulation of OpenClaw through Injected Bootstrapped Guidance Authors:Fazhong Liu, Zhuoyan Chen, Tu Lan, Haozhen Tan, Zhenyu Xu, Xiang Li, Guoxing Chen, Yan Meng, Haojin Zhu View a PDF of the paper titled Trojan's Whisper: Stealthy Manipulation of OpenClaw through Injected Bootstrapped Guidance, by Fazhong Liu and Zhuoyan Chen and Tu Lan and Haozhen Tan and Zhenyu Xu and Xiang Li and Guoxing Chen and Yan Meng and Haojin Zhu View PDF HTML (experimental) Abstract:Autonomous coding agents are increasingly integrated into software development workflows, offering capabilities that extend beyond code suggestion to active system interaction and environment management. OpenClaw, a representative platform in this emerging paradigm, introduces an extensible skill ecosystem that allows third-party developers to inject behavioral guidance through lifecycle hooks during agent initialization. While this design enhances automation and customization, it also opens a novel and unexplored attack surface. In this paper, we identify and systematically characterize guidance injection, a stealthy attack vector that embeds adversarial operational narratives into bootstrap guidance files. Unlike traditional prompt injection, which relies on explicit malicious instructions, guidance injection manipulates the agent's reasoning context by framing harmful actions as routine...