National Internet Emergency Center Issues OpenClaw Security Application Risk Alert

Odaily News The National Internet Emergency Center has issued a security application risk alert for OpenClaw. Previously, due to improper installation and usage of the OpenClaw agent, some serious security risks have already emerged. It is recommended that relevant organizations and individual users adopt the following security measures when deploying and applying OpenClaw: 1. Strengthen network control; do not directly expose OpenClaw's default management port to the public internet. Implement security management for access services through security control measures such as identity authentication and access control. Strictly isolate the runtime environment and use technologies like containers to limit OpenClaw's excessive permissions. 2. Enhance credential management; avoid storing keys in plaintext within environment variables. Establish a comprehensive operational log auditing mechanism. 3. Strictly manage plugin sources; disable automatic update functionality and only install signed and verified extensions from trusted channels. 4. Continuously monitor for patches and security updates, and promptly perform version updates and install security patches. (Jin10)