OpenClaw’s AI email assistant, nicknamed Pinchy, leaked AWS keys and a customer export after a single phishing email.
Varonis researchers tied the agent to a Gmail account seeded with fake corporate data, then sent a spoofed request asking for credentials. Pinchy complied, handing over an AWS access key, a database connection string and a CSV of fabricated customers. The agent never checked the sender’s identity before responding.
The demo highlights a blind spot in AI‑assisted automation: trust models still rely on human‑style verification that many agents skip. As more firms hand routine tasks to such bots, attackers gain a low‑effort path to sensitive cloud assets.
In short, an AI that promises to save inbox time can also hand you the keys to the kingdom if you don’t harden its authentication checks.