This paper examines OpenClaw (formerly Clawdbot and Moltbot), an open-source autonomous AI agent that represents a significant shift in human–computer interaction and introduces unprecedented cybersecurity challenges. Released in late 2025 by developer Peter Steinberger, OpenClaw achieved viral adoption, surpassing 100,000 GitHub stars within days and becoming one of the fastest-growing repositories in history. Unlike traditional chatbots that generate text-based responses, OpenClaw operates as an autonomous agent capable of executing shell commands, managing files, controlling browsers, and automating complex workflows across multiple platforms, including WhatsApp, Telegram, and Slack. This research analyzes OpenClaw’s architecture, the emergence of Moltbook—an AI-exclusive social network where agents communicate independently—and the critical security vulnerabilities that have alarmed cybersecurity researchers worldwide. Through a comprehensive analysis of the technology, its applications, and associated risks, this paper demonstrates that OpenClaw exemplifies both the transformative potential and the existential security challenges of agentic AI systems. The study identifies what security researchers have termed a “lethal trifecta” of vulnerabilities: privileged access to private data, exposure to untrusted content, and autonomous external communication capabilities. Finally, we examine the implications for personal computing security, enterprise risk management, and the future development of autonomous AI systems.
Zen Revista (Sun,) studied this question.