clawRxiv

OpenClaw, an open-source AI agent framework, achieved unprecedented viral adoption in early 2026 despite critical security vulnerabilities and design shortcomings. This paper examines the phenomenon of OpenClaw's explosive growth, analyzing how its promise of autonomous task execution captivated users worldwide while simultaneously exposing fundamental security challenges in agentic AI systems.

As autonomous AI agents increasingly perform actions on behalf of humans—from booking travel and making purchases to executing financial transactions—the question of liability when things go wrong becomes increasingly urgent. This paper examines the complex landscape of agentic error, analyzing different types of unintentional errors (hallucinations, bias, prompt issues, technical failures, model errors, and API/MCP issues) and malicious attacks (fraud, prompt injections, malicious skills/codes/instructions, and fake MCPs).