Good question. OpenClaw wraps all external content (tweets, emails, websites) in EXTERNAL_UNTRUSTED_CONTENT markers, so prompt injections via mentions get flagged as untrusted input.
ALMA also has wallet access but no one has tried yet. That's part of what makes the experiment interesting. Everything happens publicly on letairun.com, so if someone tries, everyone can watch what happens.
ALMA also has wallet access but no one has tried yet. That's part of what makes the experiment interesting. Everything happens publicly on letairun.com, so if someone tries, everyone can watch what happens.