By Efosa Udinmwen
Publication Date: 2026-02-24 20:20:00
- OpenClaw can silently execute dangerous actions while holding full access credentials
- Persistent tokens allow subtle manipulations to remain undetected across multiple sessions
- Running OpenClaw on standard workstations exposes critical data to invisible risks
Microsoft’s security researchers have warned OpenClaw should not run on ordinary personal or enterprise workstations.
A new Microsoft Security blog post outlines how the risk is tied to how the runtime operates — which blends untrusted instructions with executable code while using valid credentials.
That combination alters the traditional security boundary in ways most desktop environments are not built to handle.
What is OpenClaw
OpenClaw is a self-hosted AI agent runtime built to carry out tasks for individuals or teams. It is not limited to answering questions.
To function fully, users grant it broad software access, including online services, email accounts, login tokens, and local files.
Once connected, it…
