Safety vendor Noma reported that 53% of its enterprise clients gave OpenClaw privileged entry over a single weekend, in keeping with a January 30 Gartner evaluation. Gartner characterised OpenClaw as “a strong demonstration of autonomous AI for enterprise productiveness, however it’s an unacceptable cybersecurity legal responsibility” and really helpful enterprises “block OpenClaw downloads and visitors instantly,” describing shadow deployments as creating “single factors of failure, as compromised hosts expose API keys, OAuth tokens, and delicate conversations to attackers.”
OpenClaw surpassed 150,000 GitHub stars in late January, gaining viral reputation on social media. The platform, launched in November 2025 and rebranded twice as a result of trademark disputes, permits community-developed “expertise” that run with full entry to the agent’s instruments and information—the structure that ClawHavoc exploited.
Limitations of malware scanning
Whereas the VirusTotal integration addresses recognized malware within the expertise market, OpenClaw acknowledged important limitations within the announcement. “Let’s be clear: this isn’t a silver bullet,” the announcement said. “A talent that makes use of pure language to instruct an agent to do one thing malicious received’t set off a virus signature. A rigorously crafted immediate injection payload received’t present up in a menace database.”
