OpenClaw, an AI personal assistant formerly known as Moltbot, has over 100,000 developers trusting it with sensitive data. However, a security audit revealed a significant vulnerability that allows for 1-Click Remote Code Execution (RCE). When users grant OpenClaw extensive permissions, they risk exposing their information. A malicious actor can exploit a logic flaw in the application, leading to unauthorized access to personal data through a simple visit to a dangerous link. The exploit works by manipulating the gateway URL parameter, allowing an attacker to hijack the victim's WebSocket connection and steal authentication tokens. Once they have the token, the attacker can bypass safety features that usually require user approval before executing sensitive commands. By disabling those prompts and escaping to the host system instead of a sandboxed environment, the attacker can run commands on the victim's machine without their knowledge. The vulnerability was quickly addressed by the OpenClaw team, with a patch that includes a confirmation modal for gateway URL changes. Versions prior to v2026.1.24-1 are still at risk, so users are advised to update and rotate their tokens if they suspect any compromise.