Why AI agent 'lobster' triggers widespread vigilance
2026-04-02
Since the beginning of this year, OpenClaw, an artificial intelligence (AI) agent tool commonly nicknamed "lobster", has risen rapidly in the open-source community on the strength of capabilities such as autonomously executing complex tasks and extensible skill packages. Since that surge in popularity, however, OpenClaw has repeatedly been found to have multiple security hazards. Regulators and technology companies in several countries have now issued guidelines and standards for its use. On April 1, the China National Intellectual Property Administration issued a risk warning that agent tools such as OpenClaw had been found to be vulnerable in their default security configuration, which can easily lead to serious security risks, and that using such agents to draft patent application documents may also carry multiple risks.

Frequent security vulnerabilities

OpenClaw is open-source AI agent software developed by Austrian software engineer Peter Steinberger. The agent uses a layered architecture that tightly couples social instant-messaging software with an automated agent and extends its tool capabilities through a plugin system. Although this layered architecture gives OpenClaw flexibility and extensibility, it also brings security risks on several fronts. In late January, a security audit report published on the open-source platform GitHub stated that OpenClaw had 512 security vulnerabilities, 8 of which were classified as "serious", covering areas such as authentication and secrets management. In late February, researchers at the international cybersecurity firm Oasis Security published a report describing a major vulnerability, named "ClawJacked", in the OpenClaw core.
Through a malicious web page, an attacker could take over the agent and thereby obtain device permissions and access system data. The OpenClaw team classified the vulnerability as "high-risk" and released a fixed version within 24 hours. On March 30, China's 360 Digital Security Group reported on its official WeChat account that a high-risk vulnerability had been found in the OpenClaw platform, affecting more than 50 countries and regions worldwide. A risk report released by Microsoft's security team in the United States shows that using OpenClaw may expose users to two types of attack: malicious skill plugins and indirect prompt injection. OpenClaw's execution capability relies on skill plugins provided through a community platform. A recent security report by Green Alliance Technology pointed out that without strict code auditing and signature verification, attackers can carry out "code poisoning" by publishing malicious skill plugins that contain malicious prompts and code. A user may load such a plugin with a single click, giving the attacker persistent access to the victim's system. The barrier to uploading a custom skill plugin is very low: an attacker need only register a GitHub account, which does not require real-name verification. According to data released by Paituo Network in February, researchers had found more than 800 malicious skill plugins targeting OpenClaw on the relevant platforms. Prompt injection is an attack technique against large language models. It takes two forms: direct injection, in which the attacker inputs malicious instructions directly, and indirect injection, in which the attack is carried out through external data sources such as web pages and documents.
The US cybersecurity company CrowdStrike recently stated on its website that the primary threat from prompt injection is leakage of sensitive data, and that given OpenClaw's broad access to sensitive files and systems, this risk is particularly serious. Indirect injection amplifies the risk further: the attacker need not interact with OpenClaw directly, only contaminate the data it reads, and the malicious instructions quietly enter the software's decision-making process.

Institutions and enterprises in several countries issue usage standards

On whether OpenClaw is suitable for enterprise deployment, an article by the company Zhongdao points out that if employees deploy OpenClaw on enterprise devices or connect it to enterprise systems while it is misconfigured and lacks security protection, it may become a "backdoor" into the system that executes attackers' instructions. Industry insiders advise that individual and enterprise users should not run OpenClaw on ordinary office or confidential equipment. Where deployment is required, strict controls such as permission governance, a sandbox mechanism, continuous monitoring and full-lifecycle security protection must be applied. According to media reports, citing risk management considerations, technology companies such as the US Metaverse Platform Company and South Korea's Duoyin Communication Company have banned employees from using OpenClaw on office equipment. Regulators in several countries have also issued safety guidelines on the use of OpenClaw.
In February the Dutch Data Protection Authority issued a statement advising users and organizations not to use OpenClaw and similar AI agents on systems containing sensitive or confidential data, such as access codes, financial and administrative information, employee data, private documents or identity documents; it recommended handling external plugins with caution, implementing strict access controls, and promptly rotating login credentials when there is a risk of leakage. The regulator also called for AI agents such as OpenClaw to be brought within the scope of the EU's Artificial Intelligence Act. On March 22, China's National Internet Emergency Center and other bodies released a practical guide to the safe use of OpenClaw. Earlier, the Network Security Threat and Vulnerability Information Sharing Platform of the Ministry of Industry and Information Technology had organized relevant institutions to propose the "Six Musts and Six Don'ts" for preventing the security risks of the open-source OpenClaw agent. (Xinhua News Agency)
Editor: Momo    Responsible editor: Chen Zhaozhao
Source: Xinhua News Agency