docs: update model guidance

This commit is contained in:
Peter Steinberger
2026-01-06 23:48:25 +01:00
parent c920ee1166
commit edfc71a47e
2 changed files with 5 additions and 0 deletions


@@ -75,6 +75,7 @@ Even with strong system prompts, **prompt injection is not solved**. What helps
- Prefer mention gating in groups; avoid “always-on” bots in public rooms.
- Treat links and pasted instructions as hostile by default.
- Run sensitive tool execution in a sandbox; keep secrets out of the agents reachable filesystem.
- **Model choice matters:** we recommend Anthropic Opus 4.5 because its quite good at recognizing prompt injections (see [“A step forward on safety”](https://www.anthropic.com/news/claude-opus-4-5)). Using weaker models increases risk.
## Lessons Learned (The Hard Way)
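Review bot: the new "Model choice matters" bullet reads as if picking Opus 4.5 were itself a mitigation, but the paragraph it sits under says prompt injection is not solved, so the wording should make clear that model choice is defence in depth on top of the controls listed above (mention gating, treating pasted instructions as hostile, sandboxed tool execution) and not a substitute for them. Suggested phrasing: "**Model choice matters:** we recommend Anthropic Opus 4.5 because it's quite good at recognizing prompt injections (see ...). This reduces risk but does not remove it; weaker models increase it, so keep the controls above in place regardless of model." This also fixes the typo "its" → "it's" in the added line; while here, the unchanged context line "keep secrets out of the agents reachable filesystem" should read "agent's". Finally, "Using weaker models increases risk" is an unqualified claim resting on a single vendor announcement; consider stating it as the project's recommendation ("we have seen weaker models follow injected instructions more readily") or linking to the evaluation it is based on rather than presenting it as a general fact.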