Skip to content

OpenClaw, OpenAI, and What the AI Agent Explosion Means for Your Business

Dan Slay
Dan Slay
Founder
| 6 min read AI 21 February 2026

Table of contents

If you’ve been anywhere near tech Twitter in the last month, you’ve seen OpenClaw. The open-source AI agent went from obscure side project to 180,000 GitHub stars in a matter of weeks. Then, on February 15th, OpenAI hired its creator.

This isn’t just another hype cycle. It’s a signal about where AI is heading — and it has real implications for how businesses should be thinking about their AI strategy.

What Is OpenClaw?

OpenClaw is an open-source AI agent that runs locally on your machine. Unlike ChatGPT or Claude, which are conversational tools you interact with through a browser, OpenClaw is an autonomous assistant that connects to your actual systems — email, calendar, messaging apps, file storage, development tools — and takes action on your behalf.

You tell it “clear my inbox of anything that isn’t urgent” and it does it. You tell it “remind me to review open pull requests every Friday” and it checks GitHub, analyses the PRs, and sends you a summary. It works across WhatsApp, Slack, Telegram, Discord, and a dozen other channels.

The key difference: it doesn’t just talk. It executes.

The Numbers Are Staggering

OpenClaw’s growth has been unlike anything the open-source world has seen:

  • 180,000+ GitHub stars in roughly eight weeks
  • 1.5 million agents created by early February
  • 2 million visitors to the project in a single week
  • 5,000+ third-party skills published on ClawHub
  • 22% of employees at some organisations already using it, according to Token Security

That last stat should catch your attention. This isn’t just developers tinkering with a cool new tool. It’s already spreading through organisations as shadow IT.

Why OpenAI Hired the Creator

Sam Altman announced Peter Steinberger’s hire with a clear statement of intent: “Peter Steinberger is joining OpenAI to drive the next generation of personal agents.”

Steinberger’s own explanation was refreshingly honest. He said the project could have become “a huge company” but that wasn’t what interested him. His next mission is to “build an agent that even my mum can use” — and he believes that requires access to frontier models and research that only a major lab can provide.

Altman added that “the future is going to be extremely multi-agent” and that OpenClaw will continue as an open-source project under an independent foundation, sponsored by OpenAI.

Read between the lines: OpenAI is betting that the future of AI isn’t chatbots. It’s autonomous agents that do real work. And they’ve just acquired the person who built the most popular one.

The Security Problem Nobody Wants to Talk About

Here’s where it gets uncomfortable.

OpenClaw’s adoption has massively outpaced its security posture. In the space of a few weeks, security researchers uncovered:

  • CVE-2026-25253 — a critical vulnerability that allowed one-click remote code execution through a malicious link. An attacker could exfiltrate authentication tokens and execute arbitrary commands on the victim’s machine.
  • Five high-severity advisories published in under a week, suggesting security was an afterthought during initial development.
  • 42,000+ unprotected instances exposed to the internet, with over 5,000 actively verified as vulnerable.
  • 800+ malicious skills on ClawHub (roughly 20% of the registry), many traced to a coordinated campaign dubbed “ClawHavoc.”

And perhaps most concerning: prompt injection attacks can poison OpenClaw’s persistent memory. A malicious payload hidden in an email could influence the agent’s behaviour across future sessions — a completely new class of attack.

One Meta researcher had her entire inbox cleared by an OpenClaw agent she’d asked to help sort her email. That’s the benign version of what can go wrong.

What This Means for Businesses

There are two ways to look at this.

The Opportunity

AI agents represent a genuine step change in productivity. The ability to have an AI that doesn’t just answer questions but actively manages tasks, monitors systems, and takes action — that’s transformative. OpenAI’s investment signals that this technology is going to improve rapidly and become mainstream.

For businesses, the potential is significant:

  • Automated workflows that currently require manual coordination
  • Proactive monitoring of systems, metrics, and communications
  • Cross-platform integration that connects your actual tools rather than living in a separate chat window

The Risk

The risk is equally real. OpenClaw’s security track record shows what happens when powerful tools get adopted faster than they can be secured. And the shadow IT problem is already here — your team may already be giving an AI agent access to company email and Slack without anyone in leadership knowing about it.

The Cisco AI Readiness Index found that only 13% of organisations feel fully prepared for AI security threats, despite 72% reporting AI adoption. For agentic AI specifically, just 31% believe they’re equipped to control and secure it.

What You Should Actually Do

If you’re a business leader watching this space, here’s our practical advice:

  1. Don’t ignore it. AI agents are coming whether you plan for them or not. Having a strategy beats having a crisis.
  2. Audit your exposure. Find out if anyone in your organisation is already running OpenClaw or similar agent tools. Token Security’s finding that 22% of employees at some companies are already using it should be a wake-up call.
  3. Define your agent policy. Decide which systems an AI agent can and can’t access, what approval processes are needed, and how you’ll monitor usage.
  4. Start with controlled use cases. There are genuine productivity gains to be had, but start with low-risk, well-defined tasks rather than giving an agent the keys to everything.
  5. Get expert guidance. The intersection of AI capability and security risk is exactly the kind of problem that benefits from experienced eyes.

The Bigger Picture

The OpenClaw moment isn’t really about OpenClaw. It’s about the shift from AI as a conversation partner to AI as an autonomous worker. That shift is happening now, and the businesses that navigate it well will have a significant advantage.

The ones that ignore it will either miss the opportunity or — worse — find out the hard way what happens when powerful AI tools get adopted without proper oversight.

If you’re thinking about how AI agents fit into your business — or you’re worried they already do and you don’t have a plan — get in touch. We help businesses build practical AI strategies that balance opportunity with risk, and we can help you figure out the right approach for your specific situation. You can also check out our AI Consulting service for a structured engagement.

ai agents openclaw security strategy
Dan Slay

Written by Dan Slay

Founder

Building practical software at Further Forward. Sharing insights on AI, engineering, and what it takes to ship products that actually work.

Related articles

Claude Remote Control: Why Your Next AI Workflow Won't Be Tied to a Desk

AI 24 February 2026

Anthropic's new Remote Control feature lets you continue Claude Code sessions from your phone or any browser. Here's why that matters for small and medium-sized businesses.

Why Your SaaS Needs an AI Strategy in 2026

AI 15 December 2025

AI isn't a nice-to-have anymore. Here's how to build a practical AI strategy that actually moves the needle for your SaaS product.

MCP Servers: The Missing Piece in Your AI Workflow

AI 28 November 2025

Model Context Protocol servers are quietly becoming essential infrastructure. We break down what they are, how they work, and why you should care.

Enjoyed this article?

Get more insights delivered to your inbox weekly.