The National Internet Emergency Center has sounded the alarm over security risks associated with the OpenClaw application. Lately, there's been a notable uptick in both downloads and active use of OpenClaw, with major domestic cloud platforms facilitating its deployment with just a single click. This application operates by controlling computers via natural language commands and requires extensive system permissions to support its "autonomous task execution" capability. Nevertheless, its default security settings are notably lax, making it easy for attackers to seize control of the system. In the past, problems like "prompt injection," unintended operations, malicious function plugins, and various security flaws have been uncovered, all of which could result in serious outcomes such as privacy violations and the disruption of business systems. It is advised that relevant organizations and individuals take proactive measures to bolster network security, tighten credential management, rigorously vet plugin sources, and stay vigilant about security updates when implementing the application.