On March 18, the ByteDance security team released the "OpenClaw Security Specifications and Usage Guidelines" and launched ByteClaw, a tool built on the enterprise edition of Volcano Engine ArkClaw. ByteClaw relies on the company's centralized account system to provide identity verification, access control, and privilege management, so that employees can access internal resources securely. The guidelines highlight five primary risk categories associated with OpenClaw: inadequate access control, prompt injection, sensitive data theft, supply chain weaknesses, and malicious plugin attacks. They also set out security requirements and configuration guidance. The team advises employees to prioritize compliant tools such as ByteClaw, which allow unified cloud operations and ongoing risk mitigation, and categorically bans installing or using OpenClaw-like tools in critical production environments, including business servers.
