New OpenClaw AI agent found unsafe for use - Kaspersky

The OpenClaw AI agent is critically vulnerable to remote code execution and extensive data exfiltration due to an authentication bypass where misconfigured reverse proxies improperly trust external requests as local. Additionally, the agent is susceptible to prompt injection attacks, enabling the extraction of private keys and sensitive user data from the underlying system.