OpenClaw default-config fragility & official advisories
Key Questions
What are the primary security risks in OpenClaw's default configuration?
Over 580,000 public instances exist, with 63% vulnerable, including over 12,000 RCE cases via CVE-2026-24763 in Docker setups lacking a kill switch. This fragility exposes users to network attacks and information leaks due to improper configurations.
Which organizations have issued official warnings about OpenClaw?
Warnings come from MIIT, CNCERT, Sina, Taiwan authorities, Topsec, Ant, QiAnXin, NVDB, and CAICT. These advisories highlight risks like excessive permissions, vulnerabilities, and plugin poisoning.
What is the 'Dragon Shrimp' alert regarding OpenClaw?
'Dragon Shrimp' refers to OpenClaw due to its red lobster icon. The alert notes 336 malicious plugins (10.8% of total), leading to instruction injection and data leaks.
Why has Anthropic restricted Claude usage for OpenClaw?
Anthropic no longer allows free Claude subscriptions to cover third-party tools like OpenClaw. Users must now use direct API keys and quotas exclusively for OpenClaw.
What caused the CLAWD $16M crash?
CLAWD, related to OpenClaw, suffered a $16M collapse likely due to exploits involving token drains. This incident underscores the financial risks of insecure deployments.
Why are deployment tutorials for OpenClaw problematic?
Surging tutorials from JD Cloud, Win11 v2.4.1, Aliyun Bailian, Tencent LWS, Doubao Seed, and others promote insecure setups with open ports and minimal security.
How can OpenClaw deployments be hardened?
Bind the service to localhost (127.0.0.1), use SSH access, mount Docker volumes read-only, isolate deployments with VLANs, grant minimal permissions via claw.permissions.yaml, and apply port fixes following Tencent guides or nvm systemd.
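An added example, not taken from OpenClaw or from the guides named above: a small Python audit of a Docker Compose service definition against two of these points, loopback-only port publishing and read-only volume mounts. The service dictionaries, port 8080 and the ./data path are constructed placeholders, and POSIX-style paths are assumed.

```python
import ipaddress

def port_finding(spec):
    """Flag a Compose short-syntax port entry that is published beyond loopback."""
    mapping = spec.split("/")[0]              # drop a trailing "/tcp" or "/udp"
    if mapping.startswith("["):               # bracketed IPv6 host address
        host = mapping[1:mapping.index("]")]
    else:
        parts = mapping.split(":")
        host = parts[0] if len(parts) == 3 else None
    if host is None:                          # "8080:8080" or "8080": all interfaces
        return f"port {spec}: no host IP, published on all interfaces"
    if not ipaddress.ip_address(host).is_loopback:
        return f"port {spec}: bound to {host}, not loopback"
    return None

def volume_finding(spec):
    """Flag a Compose short-syntax volume entry that is not mounted read-only."""
    parts = spec.split(":")                   # SOURCE:TARGET[:MODE], POSIX paths assumed
    mode = parts[2] if len(parts) == 3 else ""
    if "ro" not in mode.split(","):
        return f"volume {spec}: writable mount"
    return None

def audit(service):
    """Return all findings for one service's ports and volumes."""
    checks = [port_finding(p) for p in service.get("ports", [])]
    checks += [volume_finding(v) for v in service.get("volumes", [])]
    return [c for c in checks if c]

# Constructed sample services (placeholder port and path, not OpenClaw's real values).
WEAK = {"ports": ["8080:8080"], "volumes": ["./data:/data"]}
HARDENED = {"ports": ["127.0.0.1:8080:8080"], "volumes": ["./data:/data:ro"]}

if __name__ == "__main__":
    for name, svc in (("weak", WEAK), ("hardened", HARDENED)):
        print(name, audit(svc) or "no findings")
```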
What is the current status of OpenClaw's security issues?
The situation is coming to a head, with ongoing advisories and exploits amid rapid adoption in China.
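More than 580,000 public instances (63% vulnerable, over 12,000 with RCE via CVE-2026-24763 in Docker setups) run without a kill switch. Warnings have come from MIIT, CNCERT, Sina, Taiwan authorities, Topsec, Ant, QiAnXin, NVDB, and CAICT, alongside new 'Dragon Shrimp' vulnerabilities (CCTV, Topsec, and IP Bureau alerts on permissions and plugins). Anthropic has slashed Claude subscription coverage in favor of API keys and quotas. The surge in China amplifies improper installs and agency bans. Other developments include the CLAWD $16M crash and surging insecure tutorials (JD Cloud, Win11, Aliyun Bailian, Tencent LWS, Doubao, 数商云). Hardening measures: 127.0.0.1 binding, SSH, read-only Docker volumes, VLAN isolation, minimal permissions, claw.permissions.yaml, port fixes, Tencent and Topsec CCTV guides, and nvm systemd.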