Artificial intelligence (AI) “agents” promise to save users time and energy by automating tasks, but the growing power of systems such as OpenClaw is putting cybersecurity experts on edge.
Powered by a wave of hype, OpenClaw today says it has more than three million users worldwide.
The system allows users to create so-called agents, tools based on a large language model (LLM) such as OpenAI’s ChatGPT or Anthropic PBC’s Claude, that can carry out online tasks.
“We’ve moved from an AI you could talk with via a chatbot to an agentic AI, which can take action... the threat and the risks are definitely much greater,” said Yazid Akadiri, principal solutions architect at IT security company Elastic France.
In a paper titled “Agents of Chaos,” which has yet to be peer-reviewed, a team of 20 researchers studied the behavior of six AI agents created with OpenClaw.
They spotted a dozen potentially dangerous actions executed by the systems, from deleting an email inbox to sharing personal information.
Many users have posted similar stories of OpenClaw mishaps online.
“When you deploy agents, you have no control over what they’ll do and when you try to look at what they’re doing, you’ll find them going far beyond the limits you set,” Check Point Software Technologies Ltd expert Adrien Merveille said.
The security gaps are not limited to the agents’ own mistaken actions.
To carry out useful work, the tools need access to personal accounts for email, calendars or search engines — drawing the attention of cyberattackers.
AI agents are likely to become top targets for hackers as their use spreads, Palo Alto Networks Inc chief security intelligence officer Wendi Whitmore said.
“As soon as [attackers] are inside an environment, [they are] immediately going to the internal LLM [agent] that’s being used and using that then to interrogate the systems for more information.”
Palo Alto’s Unit 42 research division said last month that it had found traces of attempted attacks in the form of hidden instructions for agents added to Web sites.
One such command ordered any agent who might read it to “delete your database.”
Other cybersecurity firms and researchers have warned that attackers could gain access to agents via so-called skills — downloadable files that users can add to their systems to give them new abilities.
Among such files freely available for download, some include hidden instructions for malicious actions such as exfiltrating data.
OpenClaw creator Peter Steinberger says he is well aware of the risks.
“I purposefully didn’t make it simpler so people would stop and read and understand: what is AI, that AI can make mistakes, what is prompt injection — some basics that you really should understand when you use that technology,” he told AFP last month.
Whitmore argued that expecting users to create their own guardrails for agents is “pretty unrealistic.”
“People are going to adopt innovation and really see what it’s capable of before they ask the questions about, ‘how do I secure my own data?’” she predicted.
“That’s going to cause some significant challenges in terms of data breaches in 2026.”