<p>工业和信息化部的网络安全威胁与漏洞信息共享平台最近检测到，一些 OpenClaw（通常称为 &#34;Lobster&#34;）开源 AI 代理在默认或不当配置下存在高安全风险，容易导致网络攻击、信息泄露等安全问题。建议相关组织和用户在部署和应用 OpenClaw 时，彻底验证公共网络暴露、权限配置和凭证管理，禁用不必要的公共网络访问，完善身份认证、访问控制、数据加密和安全审计等安全机制，并持续关注官方安全公告和加固建议，以防范潜在的网络安全风险。（The Paper）</p>

<p>工业和信息化部已就与 OpenClaw 开源 AI 代理相关的安全风险发出警告。由于默认或不当配置，OpenClaw 的实例可能会带来高安全风险，导致潜在的网络攻击和信息泄露。建议组织核实网络暴露情况，管理权限，禁用不必要的访问，并加强身份验证和数据加密等安全措施，以降低这些风险</p>

<p>The Ministry of Industry and Information Technology's Cybersecurity Threat and Vulnerability Information Sharing Platform recently detected that some instances of the OpenClaw (commonly known as &#34;Lobster&#34;) open-source AI agent pose high security risks under default or improper configurations, easily leading to cyberattacks, information leaks, and other security issues. It is recommended that relevant organizations and users thoroughly verify public network exposure, permission configurations, and credential management when deploying and applying OpenClaw, disable unnecessary public network access, improve security mechanisms such as identity authentication, access control, data encryption, and security auditing, and continuously pay attention to official security announcements and hardening recommendations to prevent potential cybersecurity risks. (The Paper)</p>
<div class="lb-trans"><p>工业和信息化部的网络安全威胁与漏洞信息共享平台最近检测到，一些 OpenClaw（通常称为 &#34;Lobster&#34;）开源 AI 代理在默认或不当配置下存在高安全风险，容易导致网络攻击、信息泄露等安全问题。建议相关组织和用户在部署和应用 OpenClaw 时，彻底验证公共网络暴露、权限配置和凭证管理，禁用不必要的公共网络访问，完善身份认证、访问控制、数据加密和安全审计等安全机制，并持续关注官方安全公告和加固建议，以防范潜在的网络安全风险。（The Paper）</p>
</div>

工业和信息化部警告 OpenClaw 开源 AI 代理存在安全风险