OpenClaw, an AI agent, is raising significant security concerns as it gains popularity in business environments. As organizations adopt AI technologies, many are inadvertently exposing themselves to security threats by granting these agents access to sensitive data and local applications. For instance, a report from Pillar Security indicates that cyber attackers are already scanning for vulnerabilities in OpenClaw's architecture, highlighting the risks associated with its default configurations. Token Security found that about 22% of its clients' employees were using ClawdBot, the predecessor to OpenClaw, which poses a shadow IT challenge as these tools often operate outside formal security protocols. The risks extend beyond simple access. Experts point out that AI agents can be manipulated through prompt injection attacks, where unfiltered data leads to unintended actions. Ido Shlomo from Token Security warns that without proper filtering, AI agents could be tricked into revealing sensitive information or executing harmful operations. The evidence of these vulnerabilities is mounting, with platforms like n8n facing critical issues and Salesforce AI agents leaking sensitive data. While some view the rapid development of AI tools as an opportunity, others see a chaotic landscape where security measures lag behind. OpenClaw's development is likened to building a house without an architect, leading to a mix of effective and risky coding practices. With over 300 contributors, the project risks security vulnerabilities through unregulated code contributions. The lack of established best practices for secure AI implementation is alarming. Simon Willison describes the situation as a "lethal trifecta," where AI programs access sensitive data, process untrusted content, and communicate externally, creating multiple avenues for exploitation.