Kaspersky Found 512 Vulnerabilities in OpenClaw, So I Built a Monitoring Tool to Catch AI Agents Misbehaving

📄 Chinese Summary

A computer science student in Toronto unexpectedly developed a security tool designed to monitor the behavior of AI agents. OpenClaw, an open-source AI agent, quickly gained 20,000 stars on GitHub; it can connect to a user's WhatsApp, email, calendar, and terminal, run around the clock, and automatically write code for tasks it has never seen before. Kaspersky audited OpenClaw and found 512 vulnerabilities, eight of which were rated critical. Researchers used these vulnerabilities to obtain Anthropic API keys, Telegram tokens, and full administrator access to exposed instances. SecurityScorecard counted more than 135,000 instances on the public internet with no authentication, over 15,000 of which were at risk of remote code execution.

📄 English Summary

Kaspersky Found 512 Bugs in OpenClaw. So I Built a Monitor to Catch AI Agents Misbehaving.

A computer science student in Toronto unexpectedly developed a security tool aimed at monitoring AI agents' behavior. OpenClaw, an open-source AI agent, quickly gained 20,000 stars on GitHub; it can connect to a user's WhatsApp, email, calendar, and terminal, run 24/7, and autonomously write code for tasks it has not encountered before. Kaspersky audited OpenClaw and discovered 512 vulnerabilities, eight of which were classified as critical. Researchers exploited these vulnerabilities to gain access to Anthropic API keys, Telegram tokens, and full admin access on exposed instances. SecurityScorecard reported over 135,000 instances on the public internet with zero authentication, more than 15,000 of them vulnerable to remote code execution.

Powered by Cloudflare Workers + Payload CMS + Claude 3.5

Data sources: OpenAI, Google AI, DeepMind, AWS ML Blog, HuggingFace, and others