OpenClaw Faces Significant Security Issues in AI Traffic Management

Organizations adopting OpenClaw for local Llama 3.1 inference have faced breaches, with security assessments like ZeroLeaks scoring it 2/100. Reported vulnerabilities include cross-user data exfiltration, credential theft, 135,000 exposed instances (12,000+ with RCE risks), and unsecured Supabase databases exposing chat histories and tokens. Prompt injection attacks succeeded 91% of the time, leaking system prompts and API keys. Many deployments occurred via shadow AI, leaving organizations unaware of exposure until incidents occurred.