From a767c584c7b6f5c110f35e263449264d3db49583 Mon Sep 17 00:00:00 2001
From: Armin Ronacher <armin.ronacher@active-4.com>
Date: Sat, 31 Jan 2026 13:17:24 +0100
Subject: [PATCH] Add prompt injection attacks to out of scope section

---
 SECURITY.md | 1 +
 1 file changed, 1 insertion(+)

diff --git a/SECURITY.md b/SECURITY.md
index efb2951869..92f9d0fa4e 100644
--- a/SECURITY.md
+++ b/SECURITY.md
@@ -16,6 +16,7 @@ The best way to help the project right now is by sending PRs.
 
 - Public Internet Exposure
 - Using OpenClaw in ways that the docs recommend not to
+- Prompt injection attacks
 
 ## Operational Guidance