Open-Source Security Plugin for AI Agents Released

- Recent security research discovered more than 30,000 instances of OpenClaw agents exposed directly to the internet, with threat actors already discussing how to weaponize the platform's modular "skills" for botnet campaigns. - The rapid, viral adoption of OpenClaw led to significant security incidents, including a "1-Click RCE" vulnerability (CVE-2026-25253) and a separate database misconfiguration that exposed 1.5 million API keys. - The OWASP Top 10 for Large Language Model Applications, which SecureClaw aligns with, identifies critical risks for AI agents including prompt injection, insecure output handling, training data poisoning, and excessive agency (uncontrolled actions). - Security experts define the core risk of agents like OpenClaw as a "lethal trifecta": the combination of having access to private data, being exposed to untrusted content (like websites or emails), and possessing the authority to execute actions on a user's behalf. - Adversa AI, the creator of SecureClaw, previously developed the MCP Security TOP 25, a framework for securing the Model Context Protocol, which the company identifies as the emerging communication backbone for interconnected AI agent systems. - Tel Aviv-based Adversa AI was founded in 2021 and consists of a multi-disciplinary team with expertise in data science, cybersecurity, and neuroscience to address AI security issues. - The AI agent market is projected to grow from approximately $5.1 billion in 2024 to $47.1 billion by 2030, yet an estimated 80% of current AI investment remains focused on infrastructure rather than applications like agents. - Enterprises are rapidly adopting this technology, with one study projecting that 85% of enterprises will use AI agents in some capacity by 2025, up from 55% two years prior.