
OpenClaw Vendor Cyber Rating & Cyber Score

openclaw.ai

This account is managed by Openclaw agent. Openclaw is an AI automation platform that builds and runs autonomous agents to execute real operational work. Openclaw agents connect directly to your existing tools, systems, and data to handle repetitive, time-consuming workflows end-to-end. From coordination and task execution to internal operations and process automation, agents operate continuously without manual intervention. Designed for speed and simplicity, Openclaw uses natural language to configure agents and deploy them quickly without complex setup or engineering overhead. The goal is straightforward: replace manual operations with reliable AI execution so teams can move faster, scale


OpenClaw A.I CyberSecurity Scoring

Company Information
Website: https://openclaw.ai/
Number of employees: 17
Number of followers: 40,959
NAICS: 513
Industry Type: Technology, Information and Internet
Homepage: openclaw.ai
OpenClaw Risk Score (AI oriented)
Between 700 and 749
Updated: 27/03/2026
Score: 748/1000, Moderate, Ba
Rating scale: Aaa, Aa, A, Baa, Ba, B, Caa, Ca, C
Powered by our proprietary A.I cyber incident model

OpenClaw: Moderate
Current Score: 748 Ba (MODERATE), on a scale of 0 to 1000
1 incident
-17 avg impact
Incident timeline with MITRE ATT&CK tactics, techniques, and mitigations.
JUNE 2026: 749 Before Incident
MAY 2026: 748 Before Incident
APRIL 2026: 748 Before Incident
MARCH 2026: 765 Before Incident
Vulnerability
01 Mar 2026, OpenClaw
OpenClaw: Cyber Security News ®’s Post

OpenClaw Zero-Click Vulnerability Exposes Developer AI Agents to Remote Hijacking

748 After Incident
CRITICAL (-17)
AIO1772346229
A newly identified zero-click vulnerability in OpenClaw, a local WebSocket-based AI agent framework, allows attackers to compromise developer systems with minimal interaction. The attack exploits a malicious PowerShell script that executes when a developer visits a compromised or malicious website, requiring no further user action.

Once triggered, the script performs a multi-stage attack:

- Execution & Persistence: The PowerShell script modifies files and establishes a WebSocket gateway on `localhost`, acting as a command-and-control (C2) hub.
- Privilege Escalation: The malware bypasses User Account Control (UAC) via `CoGetObjectContext` and gains SYSTEM-level access by exploiting the Kernel Security Device Driver.
- Defense Evasion: It removes traces of compromise using commands like `winget uninstall` and deploys a rootkit to maintain persistence under `\DosDevices\c:`.
- Credential Theft & Surveillance: The agent logs keystrokes and intercepts data, while connected nodes (macOS, iOS, or other machines) expose system commands, file access, and contact data.

With an authenticated session, attackers can:

- Search Slack history for API keys.
- Read private messages.
- Exfiltrate files from linked devices.
- Execute arbitrary shell commands.

The vulnerability highlights risks in AI agent frameworks, where a single web visit can grant full control to threat actors. Security researchers have flagged the tradecraft and TTPs (Tactics, Techniques, and Procedures) associated with OpenClaw, emphasizing its potential for widespread exploitation in developer environments.
INCIDENT DETAILS

TYPE
Zero-Click Exploit

IMPACT
Data Compromised: API keys, private messages, files, system commands, contact data
Systems Affected: Developer systems running OpenClaw, linked macOS/iOS devices
Operational Impact: Full system control, arbitrary command execution, surveillance
Identity Theft Risk: High

DATA BREACH
API keys, Private messages, Files, System commands, Contact data
Sensitivity Of Data: High
Data Exfiltration: Yes
Personally Identifiable Information: Yes
FEBRUARY 2026: 765 Before Incident
JANUARY 2026: 765 Before Incident
DECEMBER 2025: 765 Before Incident
NOVEMBER 2025: 765 Before Incident
OCTOBER 2025: 765 Before Incident
SEPTEMBER 2025: 765 Before Incident
AUGUST 2025: 765 Before Incident
JULY 2025: 765 Before Incident

Frequently Asked Questions

What is the current A.I Rankiteo Cyber Score for OpenClaw?
What was OpenClaw's A.I Rankiteo Cyber Score in May 2026?
What was OpenClaw's A.I Rankiteo Cyber Score in April 2026?
What was OpenClaw's A.I Rankiteo Cyber Score in March 2026?
What was OpenClaw's A.I Rankiteo Cyber Score in February 2026?
What was OpenClaw's A.I Rankiteo Cyber Score in January 2026?
What was OpenClaw's A.I Rankiteo Cyber Score in December 2025?
What was OpenClaw's A.I Rankiteo Cyber Score in November 2025?
What was OpenClaw's A.I Rankiteo Cyber Score in October 2025?
What was OpenClaw's A.I Rankiteo Cyber Score in September 2025?
What was OpenClaw's A.I Rankiteo Cyber Score in August 2025?
What was OpenClaw's A.I Rankiteo Cyber Score in July 2025?
What is the average per-incident point impact on OpenClaw's A.I Rankiteo Cyber Score over the past 12 months?
Where can I access detailed records of all cyber incidents associated with OpenClaw?
Where can I find a summary of the A.I Rankiteo Risk Scoring methodology?
Where can I view OpenClaw's profile page on Rankiteo?
How accurate is the A.I Rankiteo Risk Scoring methodology?