Users love OpenClaw; attackers do, too
OpenClaw (previously Clawdbot and Moltbot) is a free, open-source, autonomous AI agent that launched on January 29 and nearly instantly went viral. According to its developer, Peter Steinberger, its repo had greater than 2 million guests over the course of a single week, and it’s estimated that it has been downloaded 720,000 instances per week.
OpenClaw runs domestically on a consumer’s {hardware} slightly than within the cloud, and might carry out autonomous, real-world actions on their behalf, corresponding to studying emails, searching internet pages, operating apps, or managing calendars.
However, nearly instantly after launch, it raised severe safety points: It is liable to immediate injection assaults, authentication bypasses, and server-side request forgery (SSRF), amongst different assaults. Many enterprises have responded by severely proscribing, or outright banning, the AI agent.
