OpenClaw

Open-source personal AI assistant that runs locally on your devices and connects to messaging platforms like WhatsApp, Telegram, and Slack, with autonomous capabilities to execute commands, manage files, and control your browser.

68 Avg Review
Based on verified user ratings
Pricing: Free (open-source) · Requires paid LLM API access (costs vary widely)
Ease of Use: Advanced
Best For: Highly technical users and developers who understand security implications and can properly isolate the agent in sandboxed environments for experimentation

Why It Matters

OpenClaw achieved 135,000 GitHub stars and triggered Mac Mini shortages by offering the most powerful autonomous AI agent available—but security researchers from Microsoft, Cisco, Kaspersky, and others have issued urgent warnings. With malware-infected skills, exposed API keys, and fundamental architectural security flaws, it represents both the promise and peril of agentic AI. Multiple organizations recommend uninstalling it immediately unless running in completely isolated environments.

Limitations

  • Over 512 vulnerabilities identified including 8 critical security flaws
  • 12% of ClawHub marketplace skills found to be malicious
  • Over 135,000 instances exposed on internet with unsafe defaults
  • Vulnerable to prompt injection attacks that persist in agent memory
  • Requires Terminal knowledge and proper security configuration
  • Can burn through millions of API tokens costing hundreds of dollars

Ethics & Responsibility

Overall: 35 (Poor). Below-average practices; notable concerns exist.
Safety: 25. Limited safety documentation or known issues.
Bias: 45. Limited bias mitigation or documented issues.
Power: 40. Concentrated control with limited transparency.
Copyright: 50. Standard training practices; no major disputes.
Security: 20. Known security issues or exploits.
Privacy: 30. Extensive data collection or unclear policies.
Environment: 45. High energy consumption with minimal mitigation.
Military: 35. Some defense contracts or unclear boundaries.
Arts: 50. Mixed impact on creative industry; some concerns.
Truth: 50. Standard accuracy; some hallucination issues.
Cognition: 45. Encourages dependency over independent thinking.

Ethics Breakdown

35 (Poor)
Known Concerns
  • 512 vulnerabilities found including 8 critical
  • Over 40,000 instances exposed with unsafe defaults
  • Not appropriate for standard workstations per Microsoft
Last updated: 2026-03
How we score ethics:
Tools are evaluated across 11 categories based on public disclosures, third-party audits, regulatory actions, and documented incidents.
Good Bot = Top 25% of ethics scores
Bad Bot = Bottom 10% of ethics scores

User Ratings

Security Research
N/A · Multiple firms reviews
"Over 40,000 OpenClaw instances exposed with unsafe defaults"
Kaspersky
N/A · Security audit reviews
"A security audit identified a full 512 vulnerabilities, eight of which were classified as critical"
Microsoft
N/A · Security blog reviews
"not appropriate to run on a standard personal or enterprise workstation"