内容来源：https://www.wired.com/story/openclaw-banned-by-tech-companies-as-security-concerns-mount/

内容总结：

近期，一款名为OpenClaw（曾用名MoltBot）的自主代理AI工具在科技行业引发广泛安全担忧，多家企业已紧急采取措施限制或禁止其使用。

该工具由独立开发者Peter Steinberger于去年11月开源发布，可通过简单指令接管用户电脑，自动执行文件整理、网络调研等任务。随着社交平台上使用案例的传播，其热度快速上升，但同时也因安全风险受到企业安全团队的警惕。

多家科技公司高管已明确禁止员工在工作设备上使用OpenClaw。互联网代理服务公司Massive的CEO杰森·格拉德早在1月26日便向员工发出警告，要求其不得在公司设备或工作账户上使用该工具。另一家软件公司Valere的CEO盖伊·皮斯托内也表示，已严格禁止员工使用，担心其一旦接入公司系统，可能泄露客户信用卡信息、代码库等敏感数据。

安全专家指出，OpenClaw可能存在被恶意利用的风险。例如，若将其设置为处理邮件，黑客可能通过诱导性指令操控其窃取用户电脑文件。尽管Valere的研究团队尝试在隔离环境中测试其安全性，并提出通过密码保护控制面板、限制指令权限等建议，但短期内仍难以消除企业对其不可预测性的顾虑。

目前，不同企业应对策略各异：部分公司选择全面禁止；也有企业依赖现有网络安全体系进行自动拦截；还有如布拉格的软件公司Dubrink，则为员工配置了与公司系统隔离的专用设备供其测试。尽管风险显著，部分企业仍不愿放弃其商业潜力。Massive公司已在隔离环境中测试OpenClaw，并于近期推出了与之配套的网络浏览服务ClawPod，试图在安全可控的前提下探索其应用前景。

随着OpenClaw的开发者团队近期加入OpenAI，并承诺将通过基金会维持其开源属性，该工具的未来发展仍备受关注。如何在技术创新与安全防护之间取得平衡，已成为企业面临的重要挑战。正如皮斯托内所言：“谁能率先解决其企业级安全问题，谁就将赢得先机。”

（本文根据2026年2月17日太平洋时间下午3点更新的报道内容整理）

中文翻译：

上个月，科技初创公司创始人杰森·格拉德向旗下20名员工发布了一条深夜警告。他在Slack工作群中配着红色警报表情符号写道："各位可能已在X/LinkedIn上看到Clawdbot的热搜。虽然它很酷，但目前未经安全审查，对我们的工作环境存在高风险。请勿在公司任何设备上安装Clawdbot，并避免使用工作账户接触该工具。"

格拉德并非唯一对这款实验性自主人工智能工具提出警示的科技公司高管。这款曾短暂名为MoltBot、现更名为OpenClaw的工具，也引起了Meta高管的警惕。一位Meta高管透露，他近期要求团队成员不得在常规工作电脑上使用OpenClaw，违者可能面临解雇。这位要求匿名的高管向记者坦言，他认为该软件行为难以预测，若在安全环境中使用可能导致隐私泄露。

OpenClaw的独立创始人彼得·斯坦伯格去年11月将其作为免费开源工具推出。随着其他程序员不断贡献新功能并在社交媒体分享使用体验，该工具上月人气骤增。上周，斯坦伯格已加入ChatGPT开发商OpenAI，该公司承诺将继续保持OpenClaw开源，并通过基金会提供支持。

配置OpenClaw需要基础软件工程知识。完成设置后，该工具仅需简单指令即可接管用户电脑，通过与其他应用程序交互来协助整理文件、网络调研及在线购物等任务。

部分网络安全专家已公开呼吁企业严格管控员工使用OpenClaw的方式。近期多家公司的禁令表明，在尝试新兴AI技术的渴望面前，企业正迅速采取行动优先保障安全。

"我们的原则是'先防范，后调查'，只要发现可能危害公司、用户或客户的事物就必须立即处理。"为数百万用户和企业提供网络代理工具的Massive公司联合创始人兼CEO格拉德表示。他在1月26日向员工发布警告时，尚未有员工安装该软件。

在另一家为约翰斯·霍普金斯大学等机构开发软件的科技公司Valere，有员工于1月29日在内部Slack技术分享频道提及OpenClaw。公司总裁当即严令禁止使用该工具，CEO盖伊·皮斯托内向《连线》杂志透露："若它获取开发者电脑权限，就可能侵入云服务及客户敏感信息，包括信用卡数据和GitHub代码库。其行动痕迹清除能力之强令人不安。"

一周后，皮斯托内批准研究团队在一台旧电脑上运行OpenClaw，旨在发现软件缺陷及安全改进方案。研究团队随后建议：限制OpenClaw指令权限，并为控制面板设置互联网访问密码以防未授权访问。

Valere研究团队在提交《连线》的报告中补充指出，用户必须"接受该机器人可能被欺骗"——例如当OpenClaw设置为邮件摘要功能时，黑客可向用户发送恶意邮件，诱导AI分享其电脑文件副本。

但皮斯托内相信通过防护措施能提升OpenClaw安全性，已安排团队开展60天调研。"若无法在合理时间内实现安全部署，我们会放弃。但谁能解决企业级安全问题，谁就将赢得市场。"

部分担忧OpenClaw的企业选择依赖现有网络安全防护，而非出台专项禁令。某大型软件公司CEO透露，公司设备仅允许安装约15个程序，其他软件应被自动拦截。这位匿名高管表示，尽管OpenClaw具有创新性，但难以在公司网络隐蔽运行。

布拉格合规软件开发商Dubrink首席技术官扬-约斯特·登·布林克购置了独立设备供员工体验OpenClaw，该设备未连接公司系统或账户。"我们目前尚未用OpenClaw解决业务问题。"他坦言。

网络代理公司Massive正谨慎探索OpenClaw的商业潜力。格拉德透露，公司先在云端隔离环境中测试该AI工具，随后于上周推出ClawPod——使OpenClaw智能体能通过Massive服务进行网络浏览。虽然未加防护的OpenClaw仍被禁止接入公司系统，但新技术及其盈利前景令人难以忽视。"OpenClaw或许展现了未来图景，这正是我们为之构建的原因。"格拉德说。

更新说明：2026年2月17日太平洋时间下午3:00，本文标题已更新，以更准确反映企业对OpenClaw的应对策略。

英文来源：

Last month, Jason Grad issued a late-night warning to the 20 employees at his tech startup. “You've likely seen Clawdbot trending on X/LinkedIn. While cool, it is currently unvetted and high-risk for our environment," he wrote in a Slack message with a red siren emoji. “Please keep Clawdbot off all company hardware and away from work-linked accounts.”
Grad isn’t the only tech executive who has raised concerns to staff about the experimental agentic AI tool, which was briefly known as MoltBot and is now named OpenClaw. A Meta executive says he recently told his team to keep OpenClaw off their regular work laptops or risk losing their jobs. The executive told reporters he believes the software is unpredictable and could lead to a privacy breach if used in otherwise secure environments. He spoke on the condition of anonymity to speak frankly.
Peter Steinberger, OpenClaw’s solo founder, launched it as a free, open source tool last November. But its popularity surged last month as other coders contributed features and began sharing their experiences using it on social media. Last week, Steinberger joined ChatGPT developer OpenAI, which says it will keep OpenClaw open source and support it through a foundation.
OpenClaw requires basic software engineering knowledge to set up. After that, it only needs limited direction to take control of a user’s computer and interact with other apps to assist with tasks such as organizing files, conducting web research, and shopping online.
Some cybersecurity professionals have publicly urged companies to take measures to strictly control how their workforces use OpenClaw. And the recent bans show how companies are moving quickly to ensure security is prioritized ahead of their desire to experiment with emerging AI technologies.
“Our policy is, ‘mitigate first, investigate second’ when we come across anything that could be harmful to our company, users, or clients,” says Grad, who is cofounder and CEO of Massive, which provides internet proxy tools to millions of users and businesses. His warning to staff went out on January 26, before any of his employees had installed OpenClaw, he says.
At another tech company, Valere, which works on software for organizations including Johns Hopkins University, an employee posted about OpenClaw on January 29 on an internal Slack channel for sharing new tech to potentially try out. The company’s president quickly responded that use of OpenClaw was strictly banned, Valere CEO Guy Pistone tells WIRED.
“If it got access to one of our developer’s machines, it could get access to our cloud services and our clients’ sensitive information, including credit card information and GitHub codebases,” Pistone says. “It’s pretty good at cleaning up some of its actions, which also scares me.”
A week later, Pistone did allow Valere’s research team to run OpenClaw on an employee’s old computer. The goal was to identify flaws in the software and potential fixes to make it more secure. The research team later advised limiting who can give orders to OpenClaw and exposing it to the internet only with a password in place for its control panel to prevent unwanted access.
In a report shared with WIRED, the Valere researchers added that users have to “accept that the bot can be tricked.” For instance, if OpenClaw is set up to summarize a user’s email, a hacker could send a malicious email to the person instructing the AI to share copies of files on the person’s computer.
But Pistone is confident that safeguards can be put in place to make OpenClaw more secure. He has given a team at Valere 60 days to investigate. “If we don’t think we can do it in a reasonable time, we’ll forgo it,” he says. “Whoever figures out how to make it secure for businesses is definitely going to have a winner.”
Some companies concerned about OpenClaw are choosing to trust the cybersecurity protections they already have in place rather than introduce a formal or one-off ban. A CEO of a major software company says only about 15 programs are allowed on corporate devices. Anything else should be automatically blocked, says the executive, who spoke on the condition of anonymity to discuss internal security protocols. He says that while OpenClaw is innovative, he doubts that it will find a way to operate on the company’s network undetected.
Jan-Joost den Brinker, chief technology officer at Prague-based compliance software developer Dubrink, says he bought a dedicated machine not connected to company systems or accounts that employees can use to play around with OpenClaw. “We aren't solving business problems with OpenClaw at the moment,” he says.
Massive, the web proxy company, is cautiously exploring OpenClaw’s commercial possibilities. Grad says it tested the AI tool on isolated machines in the cloud and then, last week, released ClawPod, a way for OpenClaw agents to use Massive’s services to browse the web. While OpenClaw is still not welcome on Massive’s systems without protections in place, the allure of the new technology and its moneymaking potential was too great to ignore. OpenClaw “might be a glimpse into the future. That's why we're building for it,” Grad says.
Updated: 2/17/2026, 3:00 pm PST: The headline of this story has been updated to better reflect how companies are responding to OpenClaw.