China's National Computer Network Emergency Response Technical Team (CNCERT) has issued a security warning regarding OpenClaw, an autonomous AI agent platform. The warning highlights significant risks stemming from weak default configurations and privileged system access, which can be exploited for endpoint takeover. Specific threats include indirect prompt injection (IDPI), where malicious web content manipulates the agent to leak sensitive data or execute unauthorized actions.
Beyond prompt injection, the ecosystem faces risks from malicious "skills" hosted on repositories and data exfiltration vulnerabilities involving automated link previews in messaging apps. Due to these concerns, Chinese authorities have moved to restrict OpenClaw usage in government agencies and critical sectors. Additionally, threat actors are leveraging the tool's popularity to distribute information stealers like Vidar and Atomic via fraudulent GitHub repositories and SEO poisoning.