The National Internet Emergency Center issued a security application risk alert for OpenClaw

The National Internet Emergency Center has issued a security risk alert for the OpenClaw application. Previously, due to improper installation and use of the OpenClaw agent, some serious security risks have emerged. It is recommended that relevant units and individual users take the following security measures when deploying and using OpenClaw:

1. Strengthen network control by not exposing the default management port of OpenClaw directly to the public internet, and manage access services securely through authentication, access control, and other security measures. Strictly isolate the operating environment and use technologies such as containers to limit the excessive permissions of OpenClaw;

2. Enhance credential management by avoiding storing keys in plaintext within environment variables; establish a complete operation log audit mechanism;

3. Strictly manage the sources of plugins, disable the automatic update feature, and only install signed extensions from trusted channels;

4. Continuously monitor patches and security updates, and promptly update versions and install security patches.