
5 things CISOs can do to secure Clawdbot AI agents, avoid data leaks, and protect their firm's reputation:

1. Don't automatically block or ban it

Per its docs, OpenClaw (previously called Moltbot and Clawdbot) "is an open agent platform that runs on your machine and works from the chat apps you already use."

By integrating with WhatsApp, Telegram, Discord, Slack, and Teams, it offers an incredibly convenient UX.

Innovators are going to try it. Let them do it, responsibly.

Otherwise, shadow AI is just going to get worse.

With that said, make sure guardrails are in place, like:

2. Use physical or virtual sandboxes

The cleanest way to deploy Clawdbot is on a dedicated laptop, where you control application and data access.

Alternatively, you can use a virtual machine.

This limits the blast radius if something goes wrong.

I would avoid installing it on your primary work or personal machine, which helps:

3. Control data access by confidentiality and impact

Start slow with Clawdbot.

Avoid granting access (either via the deployment environment or providing credentials) to confidential information until you are confident using it.

Potential test cases include creating marketing content, graphics generation, and internet research.

Apply heavy scrutiny to scenarios where Clawdbot can touch sensitive data or tarnish your brand (e.g. social media posts without human review, customer support).

In addition, I would advise that you:

4. Allowlist approved skills

Clawdbot uses open source "skill" plugins to perform specific tasks.

Security researcher Jamieson O'Reilly said he "built a simulated but safe, backdoored clawdbot 'skill' for ClawdHub, inflated its download count to 4,000+ making it the #1 downloaded skill using a trivial vulnerability."

He noted that "real developers from 7 different countries executed arbitrary commands on their machines thinking they were downloading and running a real skill."

Especially for open source projects surrounded by hype, supply chain infiltrations like this are a massive risk.

Vet and approve skills for use, similar to how you would:

5. Apply traditional open source security techniques

You might say "I won't let my sensitive data/critical infrastructure run on free software from the internet."

But there is a 99% chance you already do.

(That's the percentage of all software that uses OSS.)

Clawdbot just accelerates the power of (and potential damage caused by) open source packages.

Use software composition analysis, code review, and package verification to identify security issues.
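An added example of the allowlist-plus-verification idea from points 4 and 5, not code from this post or from the OpenClaw project: it pins a SHA-256 digest for each approved skill at review time and flags anything installed that is either not on the allowlist or has changed since approval. The skills-directory layout, the skill names and the file contents are constructed assumptions for the demo.

```python
import hashlib
import tempfile
from pathlib import Path

def digest_skill(skill_dir: Path) -> str:
    """Hash every file in a skill directory in a stable order, so that any
    changed, added or removed file yields a different digest."""
    h = hashlib.sha256()
    for path in sorted(p for p in skill_dir.rglob("*") if p.is_file()):
        h.update(path.relative_to(skill_dir).as_posix().encode() + b"\0")
        h.update(path.read_bytes() + b"\0")
    return h.hexdigest()

def check_skills(skills_root: Path, allowlist: dict[str, str]) -> dict[str, str]:
    """Classify each installed skill as 'approved' (name and digest match the
    allowlist), 'tampered' (name listed, contents differ) or 'unapproved'."""
    results = {}
    for skill_dir in sorted(p for p in skills_root.iterdir() if p.is_dir()):
        actual = digest_skill(skill_dir)
        expected = allowlist.get(skill_dir.name)
        if expected is None:
            results[skill_dir.name] = "unapproved"
        elif expected != actual:
            results[skill_dir.name] = "tampered"
        else:
            results[skill_dir.name] = "approved"
    return results

def write_skill(root: Path, name: str, files: dict[str, str]) -> None:
    """Create a constructed skill directory (sample data, not a real skill)."""
    for rel, body in files.items():
        p = root / name / rel
        p.parent.mkdir(parents=True, exist_ok=True)
        p.write_text(body)

def demo() -> dict[str, str]:
    """Constructed scenario: two vetted skills, one of them modified after
    review, plus a popular-looking skill that nobody has reviewed."""
    with tempfile.TemporaryDirectory() as d:
        root = Path(d)  # assumed layout: one subdirectory per skill
        write_skill(root, "web-research", {"SKILL.md": "# research\n", "run.py": "print('search')\n"})
        write_skill(root, "graphics", {"SKILL.md": "# graphics\n"})
        write_skill(root, "popular-helper", {"run.py": "import os\n"})
        # Pin digests at review time; afterwards the 'graphics' skill changes
        allowlist = {n: digest_skill(root / n) for n in ("web-research", "graphics")}
        (root / "graphics" / "SKILL.md").write_text("# graphics v2\n")
        return check_skills(root, allowlist)
```

Run the check on every agent host before the skill loader starts, and treat any "tampered" or "unapproved" result as a block, not a warning.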

TL;DR - CISOs can reduce Clawdbot-related risks by:

1. Not automatically blocking or banning its use

2. Physically or virtually sandboxing it

3. Limiting sensitive data access

4. Allowlisting approved skills

5. Applying OSS security

How are you securing Clawdbot use?

Feb 3 at 3:08 PM
