{
  "type": "tweet",
  "id": "2041580889625522471",
  "url": "https://x.com/cihangxie/status/2041580889625522471",
  "twitterUrl": "https://twitter.com/cihangxie/status/2041580889625522471",
  "text": "Your OpenClaw might be getting a bit “sick” 🤒⚠️ — and it’s not something a simple patch can fix.\n\nWe audited one of the most widely deployed personal AI agents and uncovered a critical new class of risks that goes way beyond standard prompt injections.\n\nEnter: State Poisoning ☠️\n\nInstead of attacking inputs, this targets an agent’s persistent memory—the very superpower that helps it adapt to you over time. Specifically, we map these vulnerabilities using the CIK taxonomy: \n🧠 Capability \n👤 Identity \n📚 Knowledge\n\nPoison just ONE of these dimensions, and attack success rates skyrocket to an alarming 64–74%! 📈 And the worst part? The malicious effects persist across multiple sessions. 🔁\n\nThe biggest plot twist: 🛑 It’s NOT the model's fault.\nWe tested this across top-tier systems (Opus, Gemini, Sonnet, GPT) and consistently saw a >3× jump in vulnerability.\n\nWhy? Because this flaw lives entirely at the system level. 🏗️ The exact same memory architecture that makes agents useful can be quietly weaponized against you.\n\nThe next frontier of AI safety isn’t just about building smarter models 🤖—it’s figuring out how to make continuously evolving agents safe by design. 🔐\n\nHuge congrats to @zijun_wang2002 for leading this 🙌 Also, kudos to the team @HaoqinT, @letian_zha35417, @HardyChen266091, @JJwu41867797, @dobogiyy, Zhenglong Yuan, @TianyuPang1, @michaelqshieh, Fengze Liu, @ZhengBerkeley, @HuaxiuYaoML and @yuyinzhou_cs.",
  "source": "Twitter for iPhone",
  "retweetCount": 3,
  "replyCount": 1,
  "likeCount": 5,
  "quoteCount": 0,
  "viewCount": 28,
  "createdAt": "Tue Apr 07 18:16:29 +0000 2026",
  "lang": "en",
  "bookmarkCount": 0,
  "isReply": false,
  "inReplyToId": null,
  "conversationId": "2041580889625522471",
  "displayTextRange": [
    0,
    279
  ],
  "inReplyToUserId": null,
  "inReplyToUsername": null,
  "author": {
    "type": "user",
    "userName": "cihangxie",
    "url": "https://x.com/cihangxie",
    "twitterUrl": "https://twitter.com/cihangxie",
    "id": "2602560853",
    "name": "Cihang Xie",
    "isVerified": false,
    "isBlueVerified": true,
    "verifiedType": null,
    "profilePicture": "https://pbs.twimg.com/profile_images/1909042226073899008/9C5783ba_normal.jpg",
    "coverPicture": "https://pbs.twimg.com/profile_banners/2602560853/1587661846",
    "description": "",
    "location": "Santa Cruz, CA",
    "followers": 3716,
    "following": 1024,
    "status": "",
    "canDm": true,
    "canMediaTag": true,
    "createdAt": "Fri Jul 04 01:20:08 +0000 2014",
    "entities": {
      "description": {
        "urls": []
      },
      "url": {}
    },
    "fastFollowersCount": 0,
    "favouritesCount": 5532,
    "hasCustomTimelines": true,
    "isTranslator": false,
    "mediaCount": 182,
    "statusesCount": 1064,
    "withheldInCountries": [],
    "affiliatesHighlightedLabel": {},
    "possiblySensitive": false,
    "pinnedTweetIds": [
      "2041580889625522471"
    ],
    "profile_bio": {
      "description": "Assistant Professor, @BaskinEng; PhD, @JHUCompSci; @Facebook Fellowship Recipient; 🐱",
      "entities": {
        "description": {
          "hashtags": [],
          "symbols": [],
          "timestamps": [],
          "urls": [],
          "user_mentions": [
            {
              "id_str": "",
              "indices": [
                21,
                31
              ],
              "name": "",
              "screen_name": "BaskinEng"
            },
            {
              "id_str": "",
              "indices": [
                38,
                49
              ],
              "name": "",
              "screen_name": "JHUCompSci"
            },
            {
              "id_str": "",
              "indices": [
                51,
                60
              ],
              "name": "",
              "screen_name": "Facebook"
            }
          ]
        },
        "url": {
          "hashtags": [],
          "symbols": [],
          "timestamps": [],
          "urls": [
            {
              "display_url": "cihangxie.github.io",
              "expanded_url": "https://cihangxie.github.io/",
              "indices": [
                0,
                23
              ],
              "url": "https://t.co/o3UAFPah76"
            }
          ],
          "user_mentions": []
        }
      }
    },
    "isAutomated": false,
    "automatedBy": null
  },
  "extendedEntities": {
    "media": [
      {
        "allow_download_status": {
          "allow_download": true
        },
        "display_url": "pic.twitter.com/ZxSHDUED23",
        "expanded_url": "https://twitter.com/cihangxie/status/2041580889625522471/photo/1",
        "ext_media_availability": {
          "status": "Available"
        },
        "id_str": "2041580672054390787",
        "indices": [
          280,
          303
        ],
        "media_key": "16_2041580672054390787",
        "media_results": {
          "id": "QXBpTWVkaWFSZXN1bHRzOgwAAgoAARxVJs3yGvADCgACHFUnAJpa8ScAAA==",
          "result": {
            "__typename": "ApiMedia",
            "id": "QXBpTWVkaWE6DAACCgABHFUmzfIa8AMKAAIcVScAmlrxJwAA",
            "media_key": "16_2041580672054390787"
          }
        },
        "media_url_https": "https://pbs.twimg.com/tweet_video_thumb/HFUmzfIa8AMqKcb.jpg",
        "original_info": {
          "focus_rects": [],
          "height": 936,
          "width": 1440
        },
        "sizes": {
          "large": {
            "h": 936,
            "w": 1440
          }
        },
        "type": "animated_gif",
        "url": "https://t.co/ZxSHDUED23",
        "video_info": {
          "aspect_ratio": [
            20,
            13
          ],
          "variants": [
            {
              "bitrate": 0,
              "content_type": "video/mp4",
              "url": "https://video.twimg.com/tweet_video/HFUmzfIa8AMqKcb.mp4"
            }
          ]
        }
      }
    ]
  },
  "card": null,
  "place": {},
  "entities": {
    "hashtags": [],
    "symbols": [],
    "urls": [],
    "user_mentions": [
      {
        "id_str": "1709796552032792576",
        "indices": [
          1196,
          1211
        ],
        "name": "Zijun Wang",
        "screen_name": "zijun_wang2002"
      },
      {
        "id_str": "1377915615055282180",
        "indices": [
          1255,
          1263
        ],
        "name": "Haoqin Tu",
        "screen_name": "HaoqinT"
      },
      {
        "id_str": "1682754749240872961",
        "indices": [
          1265,
          1281
        ],
        "name": "Letian Zhang",
        "screen_name": "letian_zha35417"
      },
      {
        "id_str": "1830378089680969728",
        "indices": [
          1283,
          1299
        ],
        "name": "Hardy Chen",
        "screen_name": "HardyChen266091"
      },
      {
        "id_str": "1824326863394836480",
        "indices": [
          1301,
          1314
        ],
        "name": "Juncheng Wu",
        "screen_name": "JJwu41867797"
      },
      {
        "id_str": "1554741219385016320",
        "indices": [
          1316,
          1325
        ],
        "name": "Xiangyan Liu",
        "screen_name": "dobogiyy"
      },
      {
        "id_str": "1202375676004667392",
        "indices": [
          1343,
          1355
        ],
        "name": "Tianyu Pang",
        "screen_name": "TianyuPang1"
      },
      {
        "id_str": "977929946",
        "indices": [
          1357,
          1371
        ],
        "name": "Michael Qizhe Shieh",
        "screen_name": "michaelqshieh"
      },
      {
        "id_str": "2031962805193392128",
        "indices": [
          1385,
          1399
        ],
        "name": "Zeyu Zheng",
        "screen_name": "ZhengBerkeley"
      },
      {
        "id_str": "1411871581",
        "indices": [
          1401,
          1413
        ],
        "name": "Huaxiu Yao",
        "screen_name": "HuaxiuYaoML"
      },
      {
        "id_str": "1252780168936075269",
        "indices": [
          1418,
          1431
        ],
        "name": "Yuyin Zhou",
        "screen_name": "yuyinzhou_cs"
      }
    ]
  },
  "quoted_tweet": null,
  "retweeted_tweet": null,
  "isLimitedReply": false,
  "communityInfo": null,
  "article": null
}