On February 5, 2026, the Network Security Threat and Vulnerability Information Sharing Platform (NVDB), under the Ministry of Industry and Information Technology, issued an early warning notice. According to recent monitoring efforts, it has been discovered that certain instances of the OpenClaw open-source AI agent present significant security risks when operating under default or improperly configured settings. These risks render the agent vulnerable to cyberattacks and potential information leaks. The OpenClaw agent is notable for its persistent memory and proactive execution capabilities, and it can be deployed locally in a privatized environment. However, due to its ambiguous trust boundaries and autonomous decision-making features, the agent may carry out unauthorized operations in the absence of effective permission controls. It is, therefore, advisable for relevant organizations and users to verify their public network exposure and permission settings, disable any unnecessary public network access, strengthen security measures, and stay informed by following official security announcements.