On the 10th, the National Internet Emergency Center issued a risk alert on OpenClaw security applications. The prompt states that recently, OpenClaw application downloads and usage have been booming, and mainstream cloud platforms in China all provide one click deployment services. This intelligent agent software directly controls the computer to complete relevant operations based on natural language instructions. However, due to its extremely fragile default security configuration, attackers can easily gain full control of the system once they discover a breakthrough. The prompt states that due to improper installation and use of OpenClaw agents, there have been some serious security risks: network attackers can induce OpenClaw to read the webpage by constructing hidden malicious instructions in the webpage, which may lead to user system key leakage; Due to a misunderstanding of user instructions and intentions, OpenClaw may completely delete important information such as emails; Multiple feature plugins suitable for OpenClaw have been confirmed to be malicious plugins or pose potential security risks, and can perform malicious operations such as stealing keys after installation. In addition, OpenClaw has publicly exposed multiple high and medium risk vulnerabilities. Once these vulnerabilities are maliciously exploited by network attackers, they may lead to serious consequences such as system control, privacy information, and sensitive data leakage. The National Internet Emergency Center recommends that relevant units and individual users take relevant security measures when deploying and applying OpenClaw, including: strengthening network control, strictly isolating the operating environment, and limiting the problem of too high OpenClaw permissions; Strengthen credential management and avoid storing keys in plaintext in environment variables; Strictly manage the source of plugins; Continuously monitor patches and security updates, promptly update versions and install security patches. (New Society)