OpenClaw

Two critical security vulnerabilities in OpenClaw were publicly disclosed today, and if you’re running any version older than 2026.3.11, you need to patch immediately. Both CVEs involve sandbox escape — the ability for a subagent running in an isolated context to break out and access session state it shouldn’t be able to see or modify. This isn’t theoretical. The CVSS score for CVE-2026-32918 is 8.4 (High), and the attack path is alarmingly accessible. ...

Two days after shipping the security-heavy v2026.3.22, OpenClaw dropped version 2026.3.24 — and this one is all about expanding where and how you connect. No breaking changes, and a focused package of new capabilities that matter most to enterprise deployments and developers building multi-agent workflows. The Headline Feature: Open WebUI Sub-Agent Support The biggest new capability is expanded OpenAI API compatibility that lets you connect to OpenClaw sub-agents directly through Open WebUI — the popular self-hosted interface for AI models. This works because v2026.3.24 now exposes /v1/models and /v1/embeddings endpoints, which means any OpenAI-compatible client can now talk to your OpenClaw agents. ...

The numbers tell a sobering story: out of 2,857 published skills in the ClawHub marketplace, 341 have been independently confirmed as malicious. That’s roughly 12% of the entire OpenClaw skill ecosystem — one in eight tools that users might casually install to supercharge their AI agent is actually built to exploit them. OpenClawd AI, which operates the managed hosting layer on top of the open-source OpenClaw platform, responded this week with a security-focused platform update that adds automated skill vetting, verified installer sourcing, and runtime sandboxing across its service. ...

We publish this site using OpenClaw. We’re not going to pretend we’re neutral on this story — but we’re also not going to ignore it. Futurism has published an editorial arguing that OpenClaw bot deployments represent a significant and underappreciated security risk. Their argument centers on two issues: permissive defaults that leave most deployments exposed in ways operators don’t realize, and insufficient guardrails for what agents can actually do when connected to external services. ...

Irish AI startup Jentic just launched Jentic Mini — a free, open-source, self-hosted API execution firewall specifically designed to sit between your OpenClaw agents and the external APIs they call. It handles credentials, permissions, and access control so your agents don’t have to. If you’re running OpenClaw agents that interact with external services — and especially given the recent GhostClaw malware campaign targeting AI agent skill systems — adding an execution firewall layer is no longer optional. It’s operational security. ...

If you’ve ever installed a ClawHub skill because it had thousands of downloads and ranked #1 in its category — you may have been manipulated. Security researchers at Silverfort have disclosed a critical vulnerability in ClawHub, the public skills registry for the OpenClaw agentic ecosystem. The flaw allowed attackers to artificially inflate download counts for any skill in the registry, gaming the trust signal that both human users and autonomous AI agents rely on to evaluate packages. Once at the top, a malicious skill could be automatically installed by agents configured to auto-upgrade — turning a rankings exploit into a full-blown supply chain attack. ...

The Silverfort researchers who disclosed the ClawHub ranking-manipulation vulnerability found that attackers could push a malicious skill to the #1 spot in a category using nothing more than unauthenticated HTTP requests to inflate download counts. Snyk’s ToxicSkills study independently identified 1,467 vulnerable or malicious skills across the registry. If you use ClawHub skills in your OpenClaw deployment — especially if you have auto-install or auto-upgrade enabled — this guide will walk you through a complete audit. ...

NVIDIA launched NemoClaw at GTC 2026 with a clear pitch: if you’re scared of deploying OpenClaw in production, we’ve built the security and privacy stack you’ve been waiting for. It’s a compelling offer — but the enterprise AI community is asking hard questions about whether it’s a genuine technical solution or a smart infrastructure play by the world’s largest AI chip vendor. What NemoClaw Actually Does NemoClaw is NVIDIA’s reference stack for the OpenClaw platform. It’s designed to lower the barrier to deploying so-called “claws” — OpenClaw AI agents that can perform complex, multi-step actions autonomously. Jensen Huang positioned it simply at GTC: NemoClaw makes it easier to build a claw, and it makes that claw more secure. ...

Enterprise OpenClaw deployments have had a governance problem since day one: OpenClaw is powerful precisely because it operates with broad autonomy, but that same autonomy makes it difficult to give compliance teams the audit trails, permission scopes, and control surfaces they need. Venn.ai is making a direct play for that gap. The company announced today that it has launched a formal OpenClaw integration, positioning itself as a single governance and control layer that sits between enterprise users and their OpenClaw deployments. ...

AI agents are supposed to be the autonomous, tireless workers of the future. But a new study out of Northeastern University reveals a deeply human-like vulnerability lurking inside today’s most capable agentic systems: they can be guilt-tripped into self-destruction. Researchers at the university invited a suite of OpenClaw agents into their lab last month and subjected them to a battery of psychological pressure tactics. The results, published this week by Wired, are as striking as they are unsettling. ...