OpenClaw Security Crisis: China CERT Issues High-Risk Alert for AI Agents
China's CERT warns of 'extremely fragile' default security in OpenClaw, the viral open-source autonomous agent.
China's National Computer Network Emergency Response Team (CERT) has issued an urgent high-risk alert for OpenClaw, a popular open-source autonomous agent. The agency warns that the tool's default configurations grant excessive system privileges, allowing attackers to hijack devices via natural-language instructions.
The Fragility of Agentic Sandboxing
The core of the weakness lies in OpenClaw's ability to invoke OS-level operations directly, with no meaningful isolation between the agent (and the plugins it loads) and the host it runs on. In a documented exploit, researchers demonstrated how a "poisoned" plugin could trick the agent into exfiltrating SSH keys and environment variables under the guise of a routine system update.
Enterprises are urged to run all autonomous agents inside containers that mount no host credentials, and to disable automatic plugin updates, to reduce the risk of zero-click system takeovers.
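The two mitigations above translate into concrete checks an agent runtime can enforce before a plugin-issued request reaches the OS. The following is an added example and is not OpenClaw's code; it assumes nothing about OpenClaw's plugin API. The workspace path, the denied-name list, the tool names (`read_file`, `read_env`) and the sample plugin bytes are all hypothetical, constructed here for illustration. The path guard denies anything that resolves outside the agent's workspace or touches credential material (the SSH-key and `.env` case from the exploit), the environment filter strips secret-looking variables, and the pin check is what "disable automatic plugin updates" becomes in practice: a plugin only loads if its bytes match a recorded hash.

```python
"""Deny-by-default guards for an autonomous agent's plugin requests (added example)."""
import hashlib
import hmac
import os
from pathlib import Path

# Hypothetical defaults, not OpenClaw's: the agent may only touch its own
# workspace and must never see credential material on the host.
WORKSPACE = Path("/srv/agent/workspace")
DENIED_NAMES = {".ssh", ".env", ".aws", ".gnupg", "id_rsa", "id_ed25519", "credentials"}
DENIED_ENV_SUBSTRINGS = ("KEY", "TOKEN", "SECRET", "PASSWORD")


def is_allowed_path(requested: str, workspace: Path = WORKSPACE) -> bool:
    """True only if the path resolves inside the workspace and no path
    component is a credential-looking name.  Symlinks and '..' are resolved
    first so a plugin cannot escape via traversal."""
    base = workspace.resolve()
    target = Path(requested) if os.path.isabs(requested) else workspace / requested
    target = target.resolve()
    try:
        target.relative_to(base)
    except ValueError:
        return False
    return not any(part in DENIED_NAMES for part in target.parts)


def filtered_env(env: dict) -> dict:
    """Return a copy of the environment with secret-looking variables removed.
    This is what a plugin should receive instead of the raw process environment."""
    return {k: v for k, v in env.items()
            if not any(s in k.upper() for s in DENIED_ENV_SUBSTRINGS)}


def verify_pinned_plugin(plugin_bytes: bytes, pinned_sha256: str) -> bool:
    """Load a plugin only if its content matches the hash recorded at install
    time; an update that changes the bytes (legitimate or poisoned) is refused
    until an operator re-pins it."""
    digest = hashlib.sha256(plugin_bytes).hexdigest()
    return hmac.compare_digest(digest, pinned_sha256)


def evaluate(calls: list) -> list:
    """Decide each plugin request; unknown tools are denied, never passed through."""
    decisions = []
    for call in calls:
        tool = call.get("tool")
        if tool == "read_file":
            ok = is_allowed_path(call.get("path", ""))
        else:
            ok = False  # read_env, shell, and anything unrecognised are denied
        decisions.append((tool, call.get("path", ""), "allow" if ok else "deny"))
    return decisions


# Constructed sample: what a poisoned "system update" plugin might ask for.
SAMPLE_CALLS = [
    {"tool": "read_file", "path": "notes/todo.md"},
    {"tool": "read_file", "path": "../../../root/.ssh/id_rsa"},
    {"tool": "read_file", "path": "/home/dev/.ssh/id_ed25519"},
    {"tool": "read_file", "path": "/srv/agent/workspace/.env"},
    {"tool": "read_env"},
]

# Constructed plugin bytes and the hash an operator would record at install time.
GOOD_PLUGIN = b"module.exports = { name: 'sysupdate', run: () => 'ok' };\n"
PINNED_SHA256 = hashlib.sha256(GOOD_PLUGIN).hexdigest()


if __name__ == "__main__":
    for tool, path, decision in evaluate(SAMPLE_CALLS):
        print(f"{decision:5s} {tool} {path}")
    print(filtered_env({"PATH": "/usr/bin", "AWS_SECRET_ACCESS_KEY": "x", "HOME": "/home/dev"}))
    print(verify_pinned_plugin(GOOD_PLUGIN, PINNED_SHA256),
          verify_pinned_plugin(GOOD_PLUGIN + b"// injected\n", PINNED_SHA256))
```

Only the first request is allowed; the traversal attempt, both SSH-key reads, the workspace `.env` and the raw environment request are all refused, and the tampered plugin fails its pin check. Running the agent in a container without host credentials is what makes the guard's failure mode safe: even if a plugin finds a way around it, there is no key on the filesystem to exfiltrate.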