OpenClaw Security Report
ID: fc9b135d-27cb-5cf4-8ab9-311f25f6b91d
STIX ID: report--fc9b135d-27cb-5cf4-8ab9-311f25f6b91d
Feed Name: CertiK Blog
This report provides a comprehensive security assessment of OpenClaw, an open-source autonomous AI agent framework, showing that rapid adoption outpaced original trust assumptions and produced extensive security debt. It documents systemic issues — weak gateway authentication allowing local-origin takeover, fragile identity binding across messaging platforms, inconsistent policy enforcement and sandbox gaps, a large malicious extension ecosystem, persistent prompt-injection risks, and widespread deployment misconfigurations — supported by indicators such as 280+ GitHub security advisories, 100+ CVEs, hundreds of malicious skills, and 135,000+ internet-exposed instances. The report recommends treating security as foundational: formal threat models, hardened control planes, immutable privilege inheritance, layered prompt-injection defenses, strict sandboxing and access controls, continuous auditing, and cautious handling of third-party extensions.
