[2603.27517] A Systematic Taxonomy of Security Vulnerabilities in the OpenClaw AI Agent Framework
Computer Science > Cryptography and Security

arXiv:2603.27517 (cs)
[Submitted on 29 Mar 2026]

Title: A Systematic Taxonomy of Security Vulnerabilities in the OpenClaw AI Agent Framework

Authors: Surada Suwansathit, Yuxuan Zhang, Guofei Gu

Abstract: AI agent frameworks connecting large language model (LLM) reasoning to host execution surfaces--shell, filesystem, containers, and messaging--introduce security challenges structurally distinct from conventional software. We present a systematic taxonomy of 190 advisories filed against OpenClaw, an open-source AI agent runtime, organized by architectural layer and trust-violation type. Vulnerabilities cluster along two orthogonal axes: (1) the system axis, reflecting the architectural layer (exec policy, gateway, channel, sandbox, browser, plugin, agent/prompt); and (2) the attack axis, reflecting adversarial techniques (identity spoofing, policy bypass, cross-layer composition, prompt injection, supply-chain escalation). Patch-differential evidence yields three principal findings. First, three Moderate- or High-severity advisories in the Gateway and Node-Host subsystems compose into a complete unauthenticated remote code execution (RCE) path--spanning delivery, exploitation, and command-and-control--from an LLM tool call to the host process. Seco...