top of page

China Issues OpenClaw Safety Rules: the Dos and Don'ts

  • Writer: tech360.tv
    tech360.tv
  • 3 minutes ago
  • 3 min read

China's Ministry of Industry and Information Technology (MIIT) has issued new guidelines for the adoption and use of OpenClaw, a prominent artificial intelligence agent. A unit of the ministry outlined both recommended practices and prohibitions. This advisory aims to address risks associated with the software's typical applications.


Text on a dark background promotes OpenClaw with an installation command. A red "Learn more" button is on the right.
Credit: OpenClaw

The guidelines suggest users apply the official and most recent version of OpenClaw. Users should also limit internet exposure for the agent and grant only the necessary minimum permissions. Caution is advised when engaging with the skill market, which contains various third-party offerings. Users are also told to guard against browser hijacking and to check regularly for software patch vulnerabilities.


Conversely, users are warned against several actions. These include using outdated versions or unofficial third-party mirror copies of OpenClaw. They should avoid exposing AI agent instances directly to the internet. And administrators should not enable administrator accounts during the software's deployment.


Further prohibitions include installing skill packs that require password entry, browsing unverified websites, and disabling detailed log auditing functions. According to the National Vulnerability DataBase (NVDB), an MIIT-run entity, these measures were developed in collaboration with AI agent providers, vulnerability platform operators, and cybersecurity firms. The NVDB also supplied instructions on how to restrict internet access, scan files, and uninstall the software properly.


The advisory specifically pointed out situations where security risks could arise. One such scenario involves connecting instant messaging applications to OpenClaw. This action could give the agent excessive permissions, potentially allowing malicious reading, writing, or deletion of any files within a system.


This recent warning represents the second such caution issued by the NVDB regarding OpenClaw. Earlier, the NVDB had alerted users that improper handling of the AI agent could expose them to significant security risks. The cybersecurity sector in China has increased its oversight of this open-source technology.


The National Computer Network Emergency Response Technical Team/Coordination Center of China (CNCERT), a non-governmental and non-profit cybersecurity technical platform, recently indicated OpenClaw's susceptibility to threats. These threats include "prompt injection," a method where attackers embed hidden malicious instructions on webpages. Such instructions could deceive the software into revealing system keys.


OpenClaw, previously known as Clawdbot and Moltbot, was developed by Austrian developer Peter Steinberger some time ago. The software has became widely used internationally due to its capability to perform tasks for a user. Such tasks include organising and responding to emails, drafting work reports, and preparing slide decks.


OpenAI acquired OpenClaw recently, which generated considerable interest worldwide. So, Chinese companies, including Big Tech firms like Alibaba Group Holding, Tencent Holdings, and ByteDance, quickly adopted this trend. These companies have released their own versions of OpenClaw to provide easier or less expensive access.


Additionally, local governments in China have shown support for the software. Authorities in Shenzhen, located in the southern province of Guangdong, along with those in Nanjing and Wuxi in the eastern province of Jiangsu, have drafted policies to support the adoption of OpenClaw. This indicates a broader governmental interest in the technology, despite the associated warnings.


  • China's MIIT has issued guidelines for OpenClaw use.

  • The advisory outlines six recommended practices and six prohibitions.

  • OpenClaw is a popular AI agent developed by Peter Steinberger and acquired by OpenAI.

  • Chinese firms and local governments have adopted or supported the software.

  • Concerns exist regarding security vulnerabilities and potential misuse.


Source: SCMP

As technology advances and has a greater impact on our lives than ever before, being informed is the only way to keep up.  Through our product reviews and news articles, we want to be able to aid our readers in doing so. All of our reviews are carefully written, offer unique insights and critiques, and provide trustworthy recommendations. Our news stories are sourced from trustworthy sources, fact-checked by our team, and presented with the help of AI to make them easier to comprehend for our readers. If you notice any errors in our product reviews or news stories, please email us at editorial@tech360.tv.  Your input will be important in ensuring that our articles are accurate for all of our readers.

Tech360tv is Singapore's Tech News and Gadget Reviews platform. Join us for our in depth PC reviews, Smartphone reviews, Audio reviews, Camera reviews and other gadget reviews.

  • YouTube
  • Facebook
  • TikTok
  • Instagram
  • Twitter
  • LinkedIn

About Us

Privacy

Disclaimer

info@tech360.tv

© 2021 tech360.tv. All rights reserved.

bottom of page