Microsoft warns of significant security risks with self-hosted AI agents like OpenClaw. Learn what risks exist and how CNEXT secures your enterprise with…
On February 19, 2026, Microsoft published a comprehensive security report on OpenClaw – the popular self-hosted AI agent runtime environment. The core message is clear: OpenClaw has limited built-in security controls and should be treated as untrusted code execution with persistent credentials. The Three Main Risks of OpenClaw Microsoft identifies three risks that materialize quickly in unguarded deployments: 1. Credential Exfiltration – Credentials and accessible data may be exposed or exfiltrated. OpenClaw inherits the trust and risk of the machine and identities it can use. 2. Memory Manip…