DEV Community

Daniel Samer

Originally published at clawhosters.com

China's MIIT Publishes First National OpenClaw Security Guidelines

The same week Shenzhen started offering 2 million yuan subsidies to anyone building on OpenClaw, Beijing told state agencies to stop installing it.

On March 11, China's Ministry of Industry and Information Technology published formal security guidelines through its National Vulnerability Database. The document lists six recommended practices and six prohibited practices, and it is the first national-level regulatory framework for OpenClaw anywhere in the world.

The Rules That Actually Matter

Three prohibitions stand out because they map to real attacks this year:

  • No third-party mirrors. Only install from official sources. The ClawHavoc supply chain campaign poisoned roughly 800 skills in ClawHub.
  • No admin accounts during deployment. Principle of least privilege. The CVSS 8.8 ClawJacked vulnerability exploited exactly this kind of over-permissioned setup.
  • No disabling log auditing. When an agent goes rogue, you need a trail.

Who Is Actually Restricted?

This is the part most headlines get wrong. The restrictions cover state-owned banks, government agencies, and SOEs. Not private companies. Not individual developers. Not startups.

The day after the MIIT guidelines dropped, three universities banned OpenClaw from campus networks. But across town in Shenzhen, Longgang District was publishing a draft policy to hand out millions in subsidies for OpenClaw developers.

Why This Matters

Governments worldwide are watching how open-source AI agents get deployed. The security bar is going up. The three hard bans (official sources only, least privilege, audit logs) are just good operational hygiene for anyone running OpenClaw.

Full analysis: clawhosters.com/blog/posts/china-miit-openclaw-guidelines-2026
