
EduAsiaNews, Yogyakarta – OpenClaw, an open-source agentic artificial intelligence personal application that was only released in November last year, has recorded over 2 million visits in a single week. Like other AI products with both potential and risks, OpenClaw requires special attention from its users. Reportedly, the Chinese government has banned government agencies, state-owned enterprises, and major banks from installing OpenClaw on office devices due to potential risks, ranging from cyberattacks to data leaks.
Professor of the Department of Electrical Engineering and Information Technology (DTETI), Faculty of Engineering, Universitas Gadjah Mada (UGM), Ridi Ferdiana, explained that OpenClaw is an Agentic AI—an advanced form of artificial intelligence capable of strategic planning, complex action execution, and autonomous task completion. OpenClaw operates by utilizing both the user’s internal data and external data from the internet to accomplish assigned tasks. He further explained that because Agentic AI is open-source, its code and processes are publicly accessible, unlike closed-source systems provided by private vendors. “This openness creates security gaps, which may lead to cyberattacks or data leaks, affecting individuals or companies alike,” Ridi stated on Sunday (April 5).
According to him, OpenClaw being open-source means that it is not only free but also transparent in its programming. Anyone can examine the code, and many developers study it to create similar systems. The technology expert emphasized that many users often misunderstand the information in system configurations and ignore prompts to update their devices. “For non-expert users, permission requests on devices are frequently skipped or allowed carelessly. This is where data leakage risks arise, particularly for users of open-source Agentic AI like OpenClaw,” he explained.
To mitigate these threats, users can take measures to minimize risks that could result in losses for both individuals and organizations. Ridi advised that users must first understand the extent of their need for OpenClaw. “Most services provided by OpenClaw are also available through third-party platforms and cloud services, where critical data is safer and more secure,” he noted.
He stressed the importance of ensuring that the user’s security systems, devices, and servers are safe. Once security is confirmed, extra efforts in reading and understanding permissions and application configurations are crucial. Third, users should monitor for potential data leaks at least once every two months. This is essential since OpenClaw’s automation can create scenarios beyond the control of individuals or organizations.
“We can always restrict access to our private data. The key lies in extra vigilance: extra reading, extra updating, extra monitoring. Security gaps can affect anyone, whether individuals or companies; the difference is only in the value of the data that could be exposed,” he concluded.






