An open-source AI agent that runs on your computer and "actually does things" is exploding across tech circles - but it's bringing critical security risks along for the ride. OpenClaw, formerly known as Clawdbot and Moltbot, lets users delegate everything from email drafting to ticket purchases through messaging apps like WhatsApp and Signal. The catch? Once you hand over the keys to your entire computer, a single configuration error could be catastrophic. A cybersecurity researcher discovered that some setups left private messages, account credentials, and API keys exposed on the web.
OpenClaw is turning heads for all the right reasons - and some very wrong ones. The open-source AI agent runs locally on your computer and integrates with WhatsApp, Telegram, Signal, Discord, and iMessage, letting you fire off commands like you're texting a personal assistant. Users are sharing demos of OpenClaw managing their daily reminders, tracking fitness data, and even handling client communications without human intervention.
Federico Viticci at MacStories detailed how he transformed his M4 Mac Mini into an AI command center using the agent, receiving daily audio recaps synthesized from his calendar, Notion, and Todoist activity. Another user reported that after prompting OpenClaw to create an animated interface, it added a sleep mode animation completely unprompted - a glimpse of autonomous behavior that's both impressive and unsettling.
But the rapid adoption is running headlong into serious security concerns. When you grant OpenClaw access to your entire system, you're essentially handing over root-level permissions to an AI that operates independently. A revealed that misconfigured installations left users' private messages, login credentials, and API keys exposed on the public web. It's the kind of vulnerability that could turn a productivity tool into an identity theft goldmine.
