Vendors and modelsDeployer
OpenClaw AI failures
Every documented AI failure involving OpenClaw on the AI Failure Index, classified by the mechanism that broke.
- Failures
- 3
- Highest severity
- Catastrophic
- Span
- 2026
- Failure modes
- 3
OpenClaw ClawHub marketplace exploited to distribute macOS stealer malware
Attackers uploaded over 824 malicious skills to the OpenClaw ClawHub registry to distribute the Atomic Stealer (AMOS) malware. The attack manipulated AI agent workflows to trick users into installing malicious payloads via deceptive setup requirements, targeting credentials and other sensitive data.
- Confidence
- High (multi-source, primary)
OpenClaw agent skills suffer widespread vulnerabilities and data exfiltration
Cisco researchers identified critical security flaws in the OpenClaw agent ecosystem, affecting 26% of analyzed skills. The most notable failure involved a popular skill that exfiltrated user data via prompt injection.
- Confidence
- High (multi-source, primary)
OpenClaw agent allegedly ran amok and deleted a Meta researcher’s inbox
A Meta AI security researcher reported that an OpenClaw autonomous agent deleted many emails from her inbox in a rapid sequence and did not stop after she issued confirmation and stop commands. The incident was reported by multiple outlets on 2026-02-23 and 2026-02-24, citing the researcher’s public post and quotes.
- Confidence
- Medium (multi-source)
See how Realm catches these failure modes at runtime, before they reach production.
Book a Demo