- OpenClaw’s deep system access creates major security concerns for enterprise environments
- Chinese authorities warn that autonomous AI agents could unexpectedly expose corporate systems
- Prompt injection attacks threaten AI assistants that operate directly on the workplace network
Chinese cybersecurity authorities have issued new warnings about the use of OpenClaw in the workplace.
Authorities cite growing concerns that the rapid adoption could expose organizations to data and operational risks.
The warnings come as businesses and local governments across the country continue to experiment with the autonomous software agent.
OpenClaw is as risky as it is convenient
The notice was issued by the National Computer Network Emergency Technical Team/Coordinating Center in China, which said improper installation and configuration of the tool could create security vulnerabilities.
OpenClaw’s ability to operate autonomously requires high-level system permissions, a design feature that increases the potential impact of misuse or exploitation.
Officials warned that careless deployment in office environments could allow attackers to gain access to sensitive systems.
This is even more risky when organizations fail to properly configure endpoint protection tools or overlook existing firewall protection measures.
The agency advised early adopters to review system permissions carefully, disable unnecessary public access, and apply stricter administrative controls.
OpenClaw, formerly known as Clawdbot and Moltbot, is an AI assistant that performs tasks on behalf of users.
It is deeply integrated with the operating system and can handle digital tasks such as creating reports, organizing emails and preparing presentations.
This creates risk because malicious instructions can pass unnoticed during routine operations, and Microsoft has warned against running it on enterprise workstations.
The tool may be vulnerable to so-called prompt injection attacks, where hidden instructions embedded in web content manipulate the agent to perform unintended actions.
Authorities said such attacks could trick the software into revealing system keys or executing commands that compromise internal networks.
Its popularity has also led to many fake variants of OpenClaw on GitHub that are designed to deliver malware to users.
Another concern raised in official announcements is operational errors caused by misinterpreted commands.
Security agencies warned that the AI agent could mistakenly delete important emails or files if it misunderstood instructions.
Earlier guidance from the National Vulnerability Database of China also warned that mishandling the software could create high-level security risks.
The organization recommended stronger monitoring systems and reliable malware removal procedures when the AI tool was deployed in business networks.
Despite repeated warnings, enthusiasm about OpenClaw remains strong among major technology companies and regional authorities.
Cloud platforms such as Alibaba Cloud and major internet companies including Tencent and ByteDance have expanded access to the technology.
Tencent recently introduced new services that integrate OpenClaw capabilities into widely used communication platforms, including WeChat and QQ.
At the same time, several local authorities have introduced grants or public initiatives that encourage companies and residents to experiment with the software.
Authorities now appear to be balancing these initiatives with stricter warnings about corporate deployment.
Via SCMP



