There is also a risk of "misoperation," as the system may misinterpret user commands and intentions, potentially resulting in the deletion of important information such as emails and core production data.

　　In addition, several plugins designed for OpenClaw have been identified as malicious or potentially risky. Once installed, they may steal keys, deploy Trojan backdoors and conduct other malicious operations, turning affected devices into "botnet nodes," according to CNCERT.

　　Notably, multiple medium- to high-severity vulnerabilities in OpenClaw have already been publicly disclosed. If exploited by cyber attackers, these vulnerabilities could lead to system compromise and the leakage of private and sensitive data.

　　Based on the risks identified, the agency warned users not to expose OpenClaw"s default management port directly to the public internet, and to manage access through security controls such as authentication and access control.

　　The agency also recommended disabling automatic updates for related plugins and installing only extensions from trusted sources that have undergone signature verification.