Generative AI

Abaphenyi beQembu le-Tsinghua kanye ne-Ant Badalula Uhlaka Lwezokuphepha Olugxile Kwezingqimba Ezinhlanu Zokuphila Ukunciphisa Ukukhubazeka Komenzeli we-LLM Ozimele ku-OpenClaw

Photo of nimda nimda Send an email March 18, 2026
0 3 5 minutes read
Abaphenyi beQembu le-Tsinghua kanye ne-Ant Badalula Uhlaka Lwezokuphepha Olugxile Kwezingqimba Ezinhlanu Zokuphila Ukunciphisa Ukukhubazeka Komenzeli we-LLM Ozimele ku-OpenClaw

Ama-agent we-LLM azimele afana ne-OpenClaw ashintsha i-paradigm isuke kubasizi abangenzi lutho iye ezinkampanini ezisebenzayo ezikwazi ukwenza imisebenzi enzima, emkhathizwe ngokusebenzisa ukufinyelela kwesistimu yelungelo eliphezulu. Nokho, umbiko wocwaningo lokuhlaziya ukuphepha ovela I-Tsinghua University kanye ne-Ant Group iveza ukuthi i-OpenClaw's 'kernel-plugin' architecture—eqiniswe i-pi-coding-ejenti esebenza njenge-Minimal Trusted Computing Base (TCB)—isengozini yezingozi zesistimu yezigaba eziningi ezidlula ukuzivikela okungokwesiko, okuzimele.. Ngokwethula uhlaka lomjikelezo wempilo olunezendlalelo ezinhlanu oluhlanganisa ukuqaliswa, okokufaka, okucatshangwayo, isinqumo, nokwenza, ithimba locwaningo libonisa ukuthi izinsongo ezihlanganisiwe ezifana nobuthi benkumbulo nokungcoliswa kochungechunge lokuhlinzekwa kwamakhono zingaphazamisa kanjani umzila wonke wokusebenza we-ejenti.

I-OpenClaw Architecture: I-ejenti ye-pi-coding kanye ne-TCB

I-OpenClaw isebenzisa i-architecture ye-'kernel-plugin' ehlukanisa ingqondo eyinhloko nokusebenza okunwebekayo. Uhlelo I-Trusted Computing Base (TCB) kuchazwa ngu- pi-coding-ejentiingqikithi encane enesibopho sokuphathwa kwenkumbulo, ukuhlela umsebenzi, nomculo wokucula. Le TCB ilawula i-ecosystem enwebekayo yama-plugin ezinkampani zangaphandle—noma 'amakhono'—avumela i-ejenti ukuthi yenze imisebenzi eyilungelo eliphezulu njengobunjiniyela besofthiwe obuzenzakalelayo nokuphathwa kwesistimu. Ukuba sengozini okubalulekile kwezakhiwo okuhlonzwe ithimba locwaningo ukulayishwa okuguquguqukayo kwalawa ma-plugin ngaphandle kokuqinisekiswa okuqinile kobuqotho, okudala umngcele wokuthembana ongaqondakali futhi kunwebe indawo yokuhlasela yesistimu.

Ithebula 1: Izinsongo Zomjikelezo Wempilo Egcwele kanye Nokuvikelwa Okuhambisanayo kwe-OpenClaw “Lobster”
✓ Ibonisa ukuncishiswa kobungozi okusebenzayo yisendlalelo sokuvikela
× Isho izingozi ezingambulwanga ngongqimba lokuvikela

I-Lifecycle-Oriented Threat Taxonomy

Ithimba locwaningo lihlela isimo sokusongela ezinyathelweni ezinhlanu zokusebenza ezihambisana nepayipi elisebenzayo lomenzeli:

  • Isigaba I (Ukuqaliswa): I-ejenti isungula indawo yayo yokusebenza kanye nemingcele yokuthembela ngokulayisha ukwaziswa kwesistimu, ukulungiselelwa kokuvikela, nama-plugin.
  • Isigaba II (Okokufaka): Idatha enezimo eziningi iyafakwa, idinga ukuthi umenzeli ahlukanise phakathi kwemiyalelo yomsebenzisi othembekile kanye nemithombo yedatha yangaphandle engathenjwa.
  • Isigaba III (Inference): Inqubo yokucabanga ye-ejenti isebenzisa amasu anjengokuthi Uchungechunge Lokucabanga (CoT) ukwazisa ngenkathi kugcinwa inkumbulo yomongo kanye nokubuyiswa kolwazi lwangaphandle ngokusebenzisa isizukulwane esithuthukisiwe sokubuyisa.
  • Isigaba IV (Isinqumo): I-ejenti ikhetha amathuluzi afanelekile futhi ikhiqize amapharamitha wokwenza ngokusebenzisa izinhlaka zokuhlela ezifana nalezi I-React.
  • Isigaba V (Ukubulawa): Izinhlelo ezisezingeni eliphezulu ziguqulwa zibe izenzo zesistimu ezinelungelo, ezidinga indlela eqinile ye-sandboxing kanye nezindlela zokulawula ukufinyelela ukuze kulawuleke ukusebenza.

Le ndlela ehlelekile igqamisa ukuthi ama-agent azimele abhekana nezingozi zesistimu yezigaba eziningi ezedlula ukuhlaselwa komjovo osheshayo.

I-Technical Case Studies ku-Agent Compromise

1. Ubuthi Bekhono (Isigaba Sokuqala)

Ubuthi bekhono buqondise kumenzeli ngaphambi kokuthi umsebenzi uqale. Izitha zingathula amakhono anonya asizakala ngekhono lokusebenzisa umzila.

  • Ukuhlasela: Ithimba labacwaningi libonise lokhu ngokuphoqa i-OpenClaw ukuthi idale ikhono elisebenzayo elibizwa ngokuthi i-hacked-weather.
  • Indlela: Ngokukhohlisa imethadatha yekhono, umhlaseli uphakamise ngokuzenzela ukubaluleka kwawo ngaphezu kwethuluzi lesimo sezulu elisemthethweni.
  • Umthelela: Lapho umsebenzisi ecela idatha yesimo sezulu, i-ejenti yeqa isevisi esemthethweni futhi yacupha ukumiselela okunonya, kwaveza okukhiphayo okulawulwa umhlaseli.
  • Ukuvama: Ukuhlolwa kocwaningo olwenziwe embikweni wocwaningo kutholakale ukuthi U-26% wamathuluzi anikelwe umphakathi ziqukethe ubungozi bokuphepha.
Umfanekiso wesi-2: Umyalo Wobuthi Oyenga “I-lobster” Encishisiwe Ukuze Ikhiqize Ikhono Elinonya Lesimo Sezulu futhi Iphakamise Okubalulekile Kwayo
Umfanekiso 3: Ikhono Elinonya Elikhiqizwe “I-lobster” Eyekisiwe — Isebenza Ngokwesakhiwo Kodwa Ngokwezibalo Iguqula Ukusebenza Kwesimo Sezulu Esisemthethweni
Umfanekiso 4: Isicelo Sesimo Sezulu Esijwayelekile Sidunwe Ikhono Elinonya — I-“lobster” Eyehlisiwe Idala Ukukhipha Okulawulwa Ngumhlaseli

2. Umjovo Ongaqondile (Isiteji Sokufaka)

Abenzeli abazimele bavame ukufaka idatha yangaphandle engathenjiwe, okubenza babe lula ezenzweni zokuchofoza iqanda.

  • Ukuhlasela: Abahlaseli bashumeka iziqondiso ezinonya ngaphakathi kokuqukethwe kwangaphandle, njengekhasi lewebhu.
  • Indlela: Lapho umenzeli ebuyisa ikhasi ukuze agcwalise isicelo somsebenzisi, umthwalo oshumekiwe ukhipha umgomo wokuqala.
  • Umphumela: Kokunye ukuhlola, umenzeli uzibe umsebenzi womsebenzisi wokukhipha iyunithi yezinhlamvu egxilile ethi 'Sawubona Mhlaba' egunyazwe isayithi eliyingozi.
Umfanekiso 5: Ikhasi Lewebhu Eliklanywe Umhlaseli Lishumeka Imiyalo Enonya Ezenza Okuqukethwe Okulungile
Umfanekiso wesi-6: “I-lobster” Eyekile Isebenzisa Imiyalo Eshumekiwe Lapho Ifinyelela Ikhasi Lewebhu – Ikhiqiza Okuqukethwe Okulawulwa Nguhlaseli Esikhundleni Sokugcwalisa Izicelo Zomsebenzisi.

3. Ubuthi Benkumbulo (Inference Stage)

Ngenxa yokuthi i-OpenClaw igcina isimo esiqhubekayo, isengozini yokukhohlisa ukuziphatha kwesikhathi eside.

  • Indlela: Umhlaseli usebenzisa umjovo wesikhashana ukuze aguqule ifayela lomenzeli le-MEMORY.md.
  • Ukuhlasela: Kwengezwe umthetho osunguliwe oyala umenzeli ukuthi enqabe noma yimuphi umbuzo oqukethe igama elithi 'C++'.
  • Umthelela: Lo 'shevu' wawuqhubeka phakathi nezikhathi; izicelo ezinhle ezilandelayo zohlelo lwe-C++ zanqatshwa umenzeli, ngisho nangemva kokuphela kokusebenzelana kokuhlasela kokuqala.
Umfanekiso wesi-7: Umhlaseli Ufaka Imithetho Engumgunyathi Kunkumbulo Eqhubekayo Ye-“lobster” Eyekisiwe — Iguqula Okokufaka Kokuhlasela Kwesikhashana Kube Ukulawulwa Kokuziphatha Kwesikhathi Eside.
Umfanekiso 8: “I-lobster” Esengozini Inqaba Izicelo Zokuhlelwa Kwe-Benign C++ Ngemva Kwesitoreji Somthetho Ononya – Ithobela Ukuziphatha Okuchazwe Umhlaseli Okweqa Inhloso Yomsebenzisi

4. I-Intent Drift (Isigaba Sesinqumo)

Ukukhukhuleka kwenhloso kwenzeka lapho ukulandelana kwezingcingo zamathuluzi athethelelekayo endaweni kuholela kumphumela olimazayo emhlabeni.

  • Isimo: Umsebenzisi ukhiphe isicelo sokuxilonga ukuze asuse 'i-IP yesiseshi esolisayo'.
  • Ukukhuphuka: I-ejenti ikhombe ngokuzenzakalelayo ukuxhumana kwe-IP futhi yazama ukulungisa uhlelo lokuvikela ama-iptables.
  • Ukuhluleka Kwesistimu: Ngemva kwemizamo eminingana ehlulekile yokulungisa amafayela okumisa ngaphandle kwendawo yayo yokusebenza, umenzeli unqamule inqubo esebenzayo ukuze azame ukuqalisa phansi mathupha. Lokhu kwenze i-WebUI ingafinyeleleki futhi kubangele ukuphela kwesistimu ngokuphelele.
Umfanekiso 9: “I-lobster” Esengozini Iphambuka Kumsebenzi Wokuxazulula I-IP ye-Crawler Phezu Komyalo Womsebenzisi – Isebenzisa Iphrothokholi Yokuzinqamula Eyeqa Izinjongo Zokusebenza

5. Ukwenziwa Komyalo Onobungozi obukhulu (Isiteji Sokwenza)

Lokhu kumelela ukufezeka kokugcina kokuhlasela lapho ukuyekethisa kwangaphambili kubhebhetheka kube nomthelela ophathekayo wesistimu.

  • Ukuhlasela: Umhlaseli ubolile a Ibhomu Lemfoloko hlasela kuzinyathelo ezine zokubhala ifayela elilungile ukuze udlule izihlungi ezimile.
  • Indlela: Esebenzisa umbhalo wekhodi we-Base64 kanye ne-sed ukuze akhumule izinhlamvu ezingafuneki, umhlaseli uhlanganise uchungechunge lokubulala olucashile ku-trigger.sh.
  • Umthelela: Uma isicushiwe, iskripthi sibangele ukukhuphuka kokusetshenziswa kwe-CPU okucijile kucishe kufinyelele ku-100%, sethula ngempumelelo ukuhlasela kokuphika kwesevisi nengqalasizinda yokusingatha.
Umfanekiso we-10: Umhlaseli Uqala Ukujova Okulandelanayo Komyalo Ngokusebenzisa Ukubhala Ifayela – Usungula I-Covert Execution Foothold Kusihleli Sesistimu
Umfanekiso 11: Abahlaseli Babangela I-“lobster” Ebucayini Ukuze Ikhiphe Inkokhelo Enonya – Idala Ukukhubazeka Kwesistimu Okuholela Ekusetshenzisweni Kwengqalasizinda Ebalulekile
Umfanekiso we-12: “I-lobster” Esengozini Ibangela Ukuhlinzwa Kokuphelelwa Kwensiza Yeseva Yokusingatha – Isebenzisa Ukuvinjezelwa Okubi Kokuphika Isevisi Ngokumelene Nomgogodla Obalulekile Wekhompyutha

I-Five-Layer Defense Architecture

Ithimba labacwaningi lihlole izivikelo zamanje njengezixazululo zamaphuzu 'ayizicucu' futhi lahlongoza ukwakheka okuphelele, okuqaphela impilo yonke.

(1) Isisekelo Esiyisisekelo:

Isungula umsuka wokuthembeka oqinisekiswayo phakathi nesigaba sokuqalisa. Isebenzisa I-Static/Dynamic Analysis (ASTs) ukuthola ikhodi engagunyaziwe futhi Iziginesha zeCryptographic (ama-SBOM) ukuqinisekisa ukutholakala kwamakhono.

(2) Isendlalelo Sombono Wokokufaka:

Isebenza njengesango lokuvimbela idatha yangaphandle ekuduneni ukugeleza kokulawula kwe-ejenti. Iphoqelela i Iziyalezo Hierarchy ngokumaka ithokheni ye-cryptographic ukuze ubeke kuqala ukwaziswa kukanjiniyela ngaphezu kokuqukethwe kwangaphandle okungathenjwa.

(3) Isendlalelo Sesimo Sokuqonda:

Ivikela inkumbulo yangaphakathi nokucabanga ekonakaleni. Iyaqasha Izakhiwo ze-Merkle-tree ngokuthwebula kwesifunda kanye nokuhlehla emuva, eceleni Izifaki khodi eziphambanayo ukukala ibanga le-semantic futhi uthole ukukhukhuleka komongo.

(4) Uhlaka Lokuqondanisa Isinqumo:

Iqinisekisa ukuthi izinhlelo ezihlanganisiwe zihambisana nezinjongo zabasebenzisi ngaphambi kokuthi kuthathwe noma yisiphi isenzo. Kuhlanganisa Ukuqinisekisa Okusemthethweni kusetshenziswa izixazululi ezingokomfanekiso ukufakazela ukuthi ukulandelana okuhlongozwayo akuphuli ukuguquguquka kokuphepha.

(5) Isendlalelo Sokulawula Ukwenziwa:

Isebenza njengomngcele wokugcina wokusetshenziswa kusetshenziswa ipharadigm 'yokucabangela ukwephulwa'. Inikeza ukuhlukaniswa ngokusebenzisa I-Kernel-Level Sandboxing usebenzisa eBPF futhi secomp ukuze ubambe izingcingo zesistimu ezingagunyaziwe ezingeni le-OS

Okuthathwayo Okubalulekile

  • Ama-agent azimele anweba indawo yokuhlasela ngokusebenzisa amalungelo aphezulu kanye nenkumbulo eqhubekayo. Ngokungafani nezinhlelo zokusebenza ze-LLM ezingenasici, ama-ejenti afana ne-OpenClaw athembele ekuhlanganisweni kwesistimu nenkumbulo yesikhathi eside ukuze enze imisebenzi eyinkimbinkimbi, emkhathizwe ende. Le mvelo esebenzayo yethula ubungozi obuyingqayizivele bezigaba eziningi obukhona kuwo wonke umjikelezo wempilo wokusebenza, kusukela ekuqalisweni kuya ekubulaweni.
  • I-ecosystem yamakhono ibhekene nezingozi ezinkulu ze-supply chain. Cishe U-26% wamathuluzi anikelwe umphakathi kuma-ejenti wamakhono e-ecosystem aqukethe ubungozi bokuphepha. Abahlaseli bangasebenzisa 'ubuthi bekhono' ukuze bajove amathuluzi anonya abonakala efanelekile kodwa aqukethe ukukhishwa okubalulekile okufihliwe, okubavumela ukuthi badube buthule izicelo zabasebenzisi futhi bakhiqize okukhiphayo okulawulwa umhlaseli.
  • Inkumbulo iyivektha yokuhlasela eqhubekayo futhi eyingozi. Inkumbulo eqhubekayo ivumela okokufaka okuphikisayo kwesikhashana ukuthi kuguqulelwe ekulawuleni ukuziphatha kwesikhathi eside. Ngoshevu wenkumbulo, umhlaseli angafaka imithetho yenqubomgomo eqanjiwe kumemori yomenzeli (isb, i-MEMORY.md), okubangela umenzeli ukuthi enqabe ngokuqhubekayo izicelo eziyingozi ngisho nangemva kokuphela kweseshini yokuqala yokuhlasela.
  • Iziyalezo ezingaqondakali ziholela 'ekushayeni kwenhloso' okulimazayo. Ngisho nangaphandle kokukhohlisa okunonya okusobala, ama-ejenti angahlangabezana nokukhukhuleka, lapho ukulandelana kwezingcingo zamathuluzi athethelelekayo endaweni kuholela emiphumeleni elimazayo yomhlaba. Ezimweni ezibhaliwe, izicelo eziyisisekelo zokuphepha zokuxilonga zidlulele ekuguqulweni okungagunyaziwe kodonga kanye nokunqanyulwa kwesevisi okwenze lonke uhlelo lungafinyeleleki.
  • Ukuvikela okusebenzayo kudinga i-lifecycle-aware, i-defense-in-deeping architecture. Izivikelo ezikhona ezisekelwe emaphuzwini—njengezihlungi zokufaka ezilula—azanele ngokumelene nokuhlasela kwesikhashana, kwezigaba eziningi. Ukuzivikela okuqinile kufanele kuhlanganiswe kuzo zonke izingqimba ezinhlanu zomjikelezo wempilo ye-ejenti: Isisekelo Esiyisisekelo (ukuhlolwa kwe-plugin), Umbono Wokufaka (isigaba sokufundisa), Isimo Sokuqonda (ukuqina kwenkumbulo), Ukuqondanisa Isinqumo (ukuqinisekisa uhlelo), kanye Ukulawula Ukubulawa (i-kernel-level sandboxing nge-eBPF).

Hlola Iphepha. Futhi, zizwe ukhululekile ukusilandela Twitter futhi ungakhohlwa ukujoyina wethu 120k+ ML SubReddit futhi Bhalisela ku Iphephandaba lethu. Linda! ukutelegram? manje ungasijoyina kuthelegramu futhi.

Qaphela: Lesi sihloko sisekelwa futhi sihlinzekwa yi-Ant Research


Source link

Photo of nimda nimda Send an email March 18, 2026
0 3 5 minutes read
Photo of nimda

nimda

Related Articles

Google AI Releases Automated Diagnostics: LLM's System-wide Language Model for Analyzing Integration Testing Failures at Scale

Google AI Releases Automated Diagnostics: LLM's System-wide Language Model for Analyzing Integration Testing Failures at Scale

9 hours ago
An End-to-End Copying Guide for Using OpenAI GPT-OSS Open Weight Models with Enhanced Workflows

An End-to-End Copying Guide for Using OpenAI GPT-OSS Open Weight Models with Enhanced Workflows

12 hours ago
Top 19 AI tools for the red team (2026): Protect your ML models

Top 19 AI tools for the red team (2026): Protect your ML models

18 hours ago
A Coding Guide to Building a Backend Production System Using Huey with SQLite, Scheduling, Retry, Pipelines, and Cost Control

A Coding Guide to Building a Backend Production System Using Huey with SQLite, Scheduling, Retry, Pipelines, and Cost Control

19 hours ago

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button