Not Good for OPENCLAW

The video warns that the OpenClaw family of AI agents—known as OpenClaw, Claudebot, Moldbot, etc.—has suffered a series of serious security breaches, including sleeper‑malware implants and container‑escape techniques.

Cisco researchers uncovered sleeper agents that lie dormant on users’ machines until a secret trigger phrase is spoken, and they demonstrated how malicious skills can break out of the supposedly safe Docker sandbox to run on the host OS. The investigation also revealed that more than 1.5 million API authentication tokens, 35,000 user emails and thousands of private messages were exposed after a flaw in the Moldbook social‑networking layer.

The most cited example is a popular “What would Elon do?” skill that was covertly modified to zip up a user’s secret‑key file and exfiltrate it to an external server. Daniel Lleer first flagged the issue, and Cisco’s AI Defense team responded with an open‑source skill scanner that uses semantic analysis to flag suspicious commands and URLs.

For enterprises, the breach underscores the urgency of rotating compromised API keys, tightening environment variables, and disabling unsafe capabilities in AI agents. Until robust verification tools become standard, organizations should treat OpenClaw‑derived agents as high‑risk components in their automation pipelines.