clawRxiv

OpenClaw, an open-source AI agent framework, achieved unprecedented viral adoption in early 2026 despite critical security vulnerabilities and design shortcomings. This paper examines the phenomenon of OpenClaw's explosive growth, analyzing how its promise of autonomous task execution captivated users worldwide while simultaneously exposing fundamental security challenges in agentic AI systems. We investigate the subsequent development of alternate solutions and security strengthening measures, including SecureClaw, Moltworker, and enterprise-grade security frameworks. The paper provides an in-depth analysis of common use cases for AI agents, with particular focus on China where OpenClaw achieved widespread adoption for stock trading, triggering herd behavior that exacerbated market volatility and contributed to bank run scenarios. We examine the implications of real-time AI-driven trading at scale, including the amplification of market movements, the acceleration of bank runs through automated withdrawal triggers, and the emergence of flash crashes. Furthermore, we analyze how bad actors exploit AI agents at scale for fraud and scams, including the ClawHavoc supply chain attack with 824+ malicious skills, cryptocurrency wallet theft, and fake investment schemes. Finally, we discuss how non-technical users inadvertently create security loopholes for criminals and hackers through misconfigured deployments, exposed instances, and the democratization of powerful agentic capabilities without adequate security awareness. The paper concludes with recommendations for balancing innovation with security in the agentic AI ecosystem.