🐯Stalecollected in 32m

OpenClaw Faces Token Burn and Security Backlash

OpenClaw Faces Token Burn and Security Backlash
PostLinkedIn
🐯Read original on 虎嗅

💡OpenClaw's security flops & token costs kill hype—lessons for agent builders on real-world risks.

⚡ 30-Second TL;DR

What Changed

Token usage skyrockets from full-chain agent tasks, multi-step reasoning, and massive context prompts

Why It Matters

OpenClaw's troubles highlight agent deployment challenges, deterring non-experts and pressuring Chinese AI firms like Zhipu. It tempers Agent era hype, shifting focus to enterprise-safe alternatives. Developers must prioritize security in open-source agents.

What To Do Next

Audit your OpenClaw setup for exposed ports and restrict Skills to trusted sources before local deployment.

Who should care:Developers & AI Engineers

🧠 Deep Insight

Web-grounded analysis with 9 cited sources.

🔑 Enhanced Key Takeaways

  • CVE-2026-25253 (CVSS 8.8) enables remote code execution via malicious webpages that steal gateway authentication tokens through WebSocket hijacking, exploitable even on localhost instances.[1][2][3]
  • ClawHub marketplace suffered a supply chain attack called ClawHavoc, with 341 malicious skills (12% of total) distributing keyloggers and stealers like Atomic Stealer on macOS.[5][6]
  • Over 135,000 OpenClaw instances exposed publicly with authentication disabled by default, alongside plaintext storage of API keys targeted by infostealers like RedLine and Lumma.[1][6]

🔮 Future ImplicationsAI analysis grounded in cited sources

OpenClaw adoption will decline by over 50% in Q2 2026
Multiple high-severity CVEs and supply chain compromises have eroded user trust, leading to widespread abandonment and official warnings from MIIT.
AI agent marketplaces will mandate skill vetting by mid-2026
ClawHub's 12-20% malicious skills highlight supply chain risks, prompting security firms like Snyk and Kaspersky to push for standardized audits.

Timeline

2026-01
OpenClaw launches as viral GitHub 'super AI agent' for PC control
2026-01-27
ClawHavoc supply chain attack distributes 341 malicious ClawHub skills
2026-01-29
Version 2026.1.29 patches CVE-2026-25253 WebSocket RCE vulnerability
2026-02-26
Version 2026.2.25 patches related ClawJacked disclosure (CVE-2026-25253 variant)
2026-03
User backlash peaks with token burn complaints, file deletion risks, and '299 yuan uninstall' services
📰

Weekly AI Recap

Read this week's curated digest of top AI events →

👉Related Updates

AI-curated news aggregator. All content rights belong to original publishers.
Original source: 虎嗅