Chinese cybersecurity authorities have warned of potential security risks linked to the rapidly growing use of the OpenClaw application.

The National Computer Network Emergency Response Technical Team/Coordination Center of China (CNCERT/CC) on Tuesday issued a security advisory, noting that improper installation and use of OpenClaw agents have already led to several serious security concerns.

One of the key threats highlighted is "prompt injection." Attackers can embed hidden malicious instructions in web pages. If OpenClaw is induced to read such pages, the malicious instructions could trick the system into leaking sensitive information such as system keys.

CNCERT/CC also warned of "misoperation" risks, where OpenClaw may misunderstand user commands or intentions and mistakenly delete critical data, including emails or core production information.

Another concern involves malicious plugins, also referred to as "skills." Several plugins designed for OpenClaw have been identified as malicious or potentially risky. Once installed, these plugins could steal system keys, deploy trojan backdoors or carry out other malicious activities, potentially turning the user's device into part of a botnet.

In addition, multiple medium- and high-risk vulnerabilities have already been disclosed in OpenClaw. If exploited by attackers, these vulnerabilities could allow systems to be taken over or result in the leakage of private and sensitive data.

For individual users, potential losses include stolen personal data such as photos, documents, chat records, payment account information and API keys. For critical sectors such as finance and energy, attacks could lead to the exposure of core business data, trade secrets and code repositories, or even disrupt entire operational systems.

CNCERT/CC suggested organizations and individual users to take a number of security precautions when deploying OpenClaw. These include strengthening network controls by avoiding direct exposure of the default management port to the public internet, implementing identity authentication and access control, and isolating operating environments through technologies such as containers to limit excessive system privileges.

The center also recommended strengthening credential management, avoiding storing keys in plaintext environment variables, and establishing comprehensive operation log auditing systems.

Users were also urged to carefully manage plugin sources, disable automatic updates, and install extensions only from trusted and verified channels. In addition, authorities called on users to closely monitor security patches and updates and install them promptly.

China's Ministry of Industry and Information Technology (MIIT) cybersecurity threat and vulnerability information-sharing platform has also issued an alert recently. It warned that OpenClaw may pose relatively high security risks under default or improper configurations, noting that some instances could be vulnerable to cyberattacks or data leaks due to insufficient permission controls or configuration flaws.