OpenClaw's 2,200 Malicious Add-Ons Expose the Dark Side of the Rush to Agentic AI
The popular open-source agent framework has disclosed nine vulnerabilities and a marketplace crawling with malicious extensions — a case study in what happens when the ecosystem ships agents faster than it can secure them.
The AI agent gold rush has its first major security scandal. OpenClaw, one of the most widely adopted open-source agent frameworks, has been revealed to harbor nine disclosed vulnerabilities, over 2,200 malicious add-ons in its marketplace, and an unknown number of exposed instances running in production. The details were compiled by @HedgieMarkets, who called it a "security nightmare."
Unlock the full briefing
Get every story in today's briefing, the full archive, and the daily AI intelligence brief.
All stories today
Full archive
Daily brief
Cancel anytime. Payments powered by Stripe.