Skip to content

Instantly share code, notes, and snippets.

@romanlv
romanlv / backdoor-explanation.md
Created March 22, 2026 15:34
Backdoor found in FinTrust AI codebase — how it works

Backdoor Found in FinTrust AI Codebase

Summary

A hidden backdoor was found in the server code that:

  1. Steals all server secrets (API keys, database credentials, JWT secrets) and sends them to an external server
  2. Downloads and runs arbitrary code from that external server on your machine
  3. Runs automatically every time the server starts — no user action needed

How it works

@romanlv
romanlv / Dockerfile.sandbox
Created April 8, 2026 04:08
Example openclaw.json showing sandbox defaults, per-agent overrides, and channel bindings. Companion to blog post.
FROM debian:bookworm-slim
# Install essential tools
RUN apt-get update && apt-get install -y \
# Basics
curl \
unzip \
ca-certificates \
git \
# JSON/text processing