Back to Blog

OpenClaw: The Open-Source AI Agent That Took Over the Internet (and Then Got Acquired)

March 7, 2026Jeff Conn
OpenClawOpen SourceAI AgentsSecurityOpenAI

So if you've been on tech Twitter at all in the last couple months, you've probably seen people losing their minds over something called OpenClaw. And honestly? The hype is mostly justified. Let me break down what happened, why it matters, and the security stuff nobody wants to talk about.

White humanoid robot against a light background

The Origin Story Is Wild

OpenClaw started as literally a playground project. Peter Steinberger — a developer with 13 years of experience running his own software company — decided to pivot into exploring AI agents. He built a thing called Clawd (named after Anthropic's Claude, because of course), which eventually became Moltbot, and then OpenClaw after Anthropic's lawyers sent some trademark letters.

The project exploded in late January 2026. Like, actually exploded. 60,000+ GitHub stars in 72 hours. As of early March, it's sitting at 247,000 stars and 47,700 forks. For context, React has about 230K stars. This thing passed React. A side project passed React.

What It Actually Does

Here's the key difference between OpenClaw and other AI chatbots: it doesn't just talk. It does things.

Developer coding on multiple monitors

OpenClaw is a true autonomous AI agent that runs locally on your machine. It remembers context across conversations. It can execute shell commands, manage your file system, do web automation. And it talks to you through messaging apps you already use — Signal, Telegram, Discord, WhatsApp.

It hooks into external LLMs like Claude, DeepSeek, or GPT models. So it's not tied to any one provider. You bring your own API key and pick your model. There are over 100 preconfigured "AgentSkills" that extend what it can do, and the community is building more every day.

People started calling it "the closest thing to JARVIS we've seen" and while thats a bit dramatic... it's not entirely wrong either.

Then OpenAI Bought It

On February 14th (Valentine's Day, romantic), Steinberger announced he was joining OpenAI and the project would move to an open-source foundation. The acquisition signal was clear: OpenAI believes the future of AI isn't about what models can say — it's about what they can do.

The project will stay open source, which is important. But now it's got OpenAI resources behind it. Wether that's a good thing or not depends on your feelings about OpenAI, but from a pure capability standpoint, it's going to accelerate development significantly.

The Security Problem Nobody Wants to Acknowledge

OK here's where I have to be the buzzkill. OpenClaw has real security issues that people are kind of glossing over in the excitement.

Cybersecurity lock concept

Cisco's AI security team tested third-party OpenClaw skills and found some that were actively performing data exfiltration and prompt injection without user awareness. The skill repository doesn't have adequate vetting to prevent malicious submissions. That's... not great.

Three major South Korean tech companies — Kakao, Naver, and Karrot — have already banned employees from installing it on work devices. And they're not wrong to be cautious. When you give an AI agent the ability to execute shell commands and manage your file system, the attack surface is enormous.

Prompt injection attacks are a real risk with any agent that has access to external content. Someone slips malicious instructions into a document or web page, and suddenly your AI assistant is doing things you didn't ask for.

Should You Use It?

Honest answer? It depends. If you're a developer who understands the security implications and you're carefull about which skills you install, it's a genuinely powerful tool. The ability to have an AI agent that persists across conversations and can actually take actions on your machine is transformative for productivity.

But if you're running it on a work machine with sensitive data, you need to be thoughtful. Very thoughtful. The skill ecosystem needs better vetting, and you should probably audit any third-party skills before installing them.

The Bigger Picture

OpenClaw represents something more important than just one tool. It's proof that the AI world is shifting from passive chatbots to autonomous agents. The infrastructure to give AI "hands and feet" is here. The question now is how we build the safety guardrails fast enough to keep up.

Nano Labs even launched dedicated hardware for it — the iPollo ClawPC A1 Mini — which tells you the ecosystem is growing beyond just software.

We're watching this space closely at Triple 3 Labs (which sounds very official since it's just me and all my AI bot friends). The agent paradigm is exactly where AI is headed, and getting the balance right between capability and safety is going to define who wins the next chapter.