Abstract:This paper systematically investigates the security, privacy, and ethical risks, as well as the traceability challenges of OpenClaw, a locally executable AI agent system for natural language interaction and real-world task completion. While OpenClaw shows strong potential for personal assistance, office automation, cross-platform task management, and information integration, it also raises serious security, privacy, and ethical concerns. By analyzing its system architecture, core functionalities, deployment model, and representative application scenarios, this paper aims to reveal the risks that may arise when such a highly privileged agent is integrated into personal and organizational digital environments. We focus in particular on the challenges associated with persistent local storage, tool invocation, cross-context information aggregation, multi-user interaction, and the integration of plugins and external services. We argue that these issues constitute major barriers to the trustworthy deployment and widespread adoption of this technology. Finally, we summarize the open challenges in security defenses, privacy protection, ethical governance, and traceability in agent use, and call for joint efforts from researchers, developers, deployers, and regulators to build AI agent systems that are safer, more reliable, and more trustworthy.
| Comments: | Accepted by Journal of Information and Intelligence(JII) |
| Subjects: | Cryptography and Security (cs.CR) |
| Cite as: | arXiv:2605.23330 [cs.CR] |
| (or arXiv:2605.23330v1 [cs.CR] for this version) | |
| https://doi.org/10.48550/arXiv.2605.23330 arXiv-issued DOI via DataCite (pending registration) |
From: Yutong Jin [view email]
[v1]
Fri, 22 May 2026 07:45:04 UTC (2,417 KB)
此内容由惯性聚合(RSS阅读器)自动聚合整理,仅供阅读参考。 原文来自 — 版权归原作者所有。