- OpenClaw’s Deep System Access Creates Major Security Issues for Enterprise Environments
- Chinese authorities warn that autonomous AI agents can unexpectedly expose enterprise systems
- Prompt injection attacks threaten AI assistants operating directly within work networks
Chinese cybersecurity authorities have issued new warnings regarding the use of OpenClaw in the workplace.
Authorities are increasingly concerned that its rapid adoption could expose organizations to data and operational risks.
The alerts come as businesses and local governments across the country continue to experiment with the autonomous software agent.
OpenClaw is as risky as it is practical
The advisory was issued by the National Computer Network Emergency Response Technical Team/Coordination Center of China, which said that improper installation and configuration of the tool could create security vulnerabilities.
OpenClaw’s ability to operate autonomously requires high-level system permissions, a design feature that increases the potential impact of misuse or exploitation.
Officials have warned that such careless deployment in office environments could allow attackers to access sensitive systems.
This is even riskier when organizations fail to properly configure endpoint protection tools or neglect existing firewall protections.
The agency advised early adopters to carefully review system permissions, disable unnecessary public access, and apply stricter administrative controls.
OpenClaw, formerly known as Clawdbot and Moltbot, is an AI assistant that performs tasks on behalf of users.
It is deeply integrated into the operating system and can handle digital tasks such as writing reports, organizing emails, and preparing presentations.
This creates a risk because malicious instructions can go unnoticed during routine operations, and Microsoft has warned against running it on corporate workstations.
The tool may be vulnerable to so-called prompt injection attacks, in which hidden instructions embedded in web content manipulate the agent into performing unintended actions.
Authorities have said such attacks could trick the software into revealing system keys or executing commands that compromise internal networks.
Because of the tool's popularity, many fake OpenClaw variants designed to deliver malware to users have appeared on GitHub.
Another concern raised in official releases is operational errors caused by misinterpreted commands.
Security agencies have warned that the AI agent could mistakenly delete important emails or files if it misunderstands instructions.
Earlier guidelines from China’s National Vulnerability Database also warned that mishandling the software could create high-level security risks.
The organization recommended stronger monitoring systems and reliable malware removal procedures when deploying the AI tool in corporate networks.
Despite repeated warnings, enthusiasm around OpenClaw remains strong among big tech companies and regional authorities.
Cloud platforms such as Alibaba Cloud and major internet companies including Tencent and ByteDance have expanded access to this technology.
Tencent recently introduced new services integrating OpenClaw capabilities into widely used communications platforms including WeChat and QQ.
At the same time, several local authorities have set up subsidies or public initiatives encouraging businesses and residents to experiment with the software.
Authorities now appear to be counterbalancing these initiatives with stricter warnings regarding corporate deployment.
Via SCMP




