China’s CERT warns OpenClaw can inflict nasty wounds

China’s National Computer Network Emergency Response Technical Team has warned locals that the OpenClaw agentic AI tool poses significant security risks.

In a Tuesday post to its WeChat account, the CERT warned that OpenClaw has “extremely weak default security configuration” and must therefore be handled with extreme care.

The CERT is worried that attackers can target the tool by embedding malicious instructions in web pages, and that poisoned plugins for the agentic tool can put users at risk. China’s cyber-advisors also point out that OpenClaw has already disclosed several severe vulnerabilities that can result in credential theft and therefore enable serious attacks.

User error is another concern, as the CERT thinks OpenClaw users may inadvertently delete important data.

The organization recommends users isolate OpenClaw in a container, keep its management port isolated from the public internet, and implement strict authentication and access control procedures to keep attackers away ...