Viral AI Agent OpenClaw Gains 145K GitHub Stars Despite Critical Security Vulnerabilities

OpenClaw, a viral AI agent with 145,000 GitHub stars, operates autonomously as an 'AI employee' but harbors critical security flaws including remote code execution vulnerabilities and malicious skills that can steal sensitive data.

• OpenClaw emerges as a viral open-source AI agent that runs locally on computers and acts autonomously rather than just responding to prompts, gaining over 145,000 GitHub stars and representing a shift from AI assistants to AI employees
• The tool offers powerful capabilities including persistent memory, proactive monitoring through its 'Heartbeat' feature, and integration with messaging apps, but requires significant technical expertise to set up and can generate high API costs
• Security researchers warn of critical vulnerabilities including CVE-2026-25253 allowing remote code execution, prompt injection attacks through emails, and malicious skills distributed through ClawHub that can steal sensitive data