OpenClaw is a security nightmare - 5 red flags you shouldn't ignore (before it's too late)

ID: 18b0a4e5-0d2f-548c-abd9-f016886e3773

STIX ID: report--18b0a4e5-0d2f-548c-abd9-f016886e3773

Feed Name: ZDNet Security

Threat Score: 70/100

Date Published: 2026-02-02

Date Updated: 2026-04-26


ZDNet warns that OpenClaw (formerly Clawdbot/Moltbot), a rapidly viral open-source AI assistant, has exposed serious security risks. Misconfigured public instances have leaked Anthropic/OpenAI API keys, bot tokens, and credentials; the agent is vulnerable to prompt-injection attacks that can cause data leaks or remote actions; malicious skills and a trojanized VS Code extension have been observed; and opportunistic scams (including a fake crypto token) have already exploited the hype. The piece urges caution, limited permissions, and using only trusted repositories.