OpenClaw: Dutch authority flags open-source AI agents as a Trojan Horse for hackers

Dutch Data Protection Authority Warns Against OpenClaw AI Agent Risks

On February 12, 2026, the Netherlands’ Autoriteit Persoonsgegevens (AP) issued a formal warning against OpenClaw and similar open-source autonomous AI agent systems, citing severe cybersecurity and data privacy risks. The regulator’s advisory highlights vulnerabilities that could lead to data breaches, account takeovers, and unauthorized remote access, posing threats to both individual users and organizations.

OpenClaw, an open-source AI assistant capable of executing tasks autonomously, requires broad system access, including emails, files, and online services. While its convenience appeals to users, the AP warns that this architecture makes it a prime target for exploitation. Security researchers found that roughly 20% of OpenClaw plug-ins contain malware designed to steal login credentials or cryptocurrency. Additionally, the platform is vulnerable to indirect prompt injection attacks, where hidden commands in websites, emails, or messages trick the AI into executing malicious actions, potentially granting attackers access to linked accounts (e.g., Google, Facebook, Apple ID) or sensitive local files.

Beyond these risks, the AP identified remote code execution vulnerabilities, allowing attackers to take full control of a system without physical access. Misconfigurations also pose a threat, as users may unknowingly expose personal data to public visibility. Despite running locally, OpenClaw’s interactions with cloud services and third-party integrations create significant security gaps.

The AP urges users and organizations to avoid deploying such AI agents on systems handling sensitive data, including financial records, employee information, or identity documents. Parents are specifically advised to check if children have installed these tools on home devices. The warning extends to marketing and advertising teams, where AI agents managing campaigns could expose CRM data, API keys, and client financial records to exploitation.

Legally, the AP emphasizes that GDPR compliance remains unchanged: organizations using OpenClaw are still accountable for data protection, regardless of the software’s open-source nature. The regulator also calls for the EU AI Act to explicitly cover autonomous AI agents, addressing a regulatory gap in classifying their risk levels. This follows prior AP efforts, including a 2025 consultation that found most generative AI models non-compliant with GDPR.

The warning arrives as AI agents gain traction in enterprise and consumer environments, outpacing security standards. With plug-in ecosystems mirroring past malware distribution issues (e.g., browser extensions), the AP’s advisory signals growing regulatory scrutiny over autonomous AI tools, particularly those granting unrestricted system access.

Source: https://ppc.land/dutch-authority-flags-open-source-ai-agents-as-a-trojan-horse-for-hackers/

OpenClaw cybersecurity rating report: https://www.rankiteo.com/company/openclawai

"id": "OPE1772375256",
"linkid": "openclawai",
"type": "Vulnerability",
"date": "2/2026",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization's existence"