OpenClaw (formerly Moltbot and Clawdbot) has become a focal point in influencer discussions on X during February 2026, says GlobalData, and is being described as a “digital exocortex” that extends human capability through autonomous task execution.
But while praised for productivity and privacy control, its deep system access has sparked growing security concerns, the research group adds.
“The influencers’ sentiment surrounding OpenClaw is mixed,” says Shreyasee Majumder, social media analyst at GlobalData. “The software is highly valued for its capacity to automate diverse professional workflows such as scheduling appointments, generating code, and executing trades across different communication apps around the clock. Conversely, high autonomy creates security risks where malicious prompts could enable attackers to steal sensitive credentials and data.”
Below are some of the key topics of discussion around OpenClaw on social media monitored by GlobalData:
Functional autonomy and task execution
OpenClaw acts as a digital employee that performs real work through system permissions. It can automate diverse workflows such as placing phone calls, managing file systems, and organising calendars across messaging apps like Telegram. This shifts the focus from simple chat interactions to high level execution where the assistant handles professional tasks around the clock.
Local AI and personal ownership philosophy
Influencers envision OpenClaw as a digital exocortex that serves as a seamless extension of human cognitive functions. By deploying the assistant on local hardware, users can safeguard their privacy and prevent corporate interference with their personal intelligence. This emphasis on technological sovereignty ensures that individuals maintain absolute control over the data and systems that power their daily workflows.
Over-privileged agents and prompt injection execution
Influencers believe OpenClaw marks a major shift where the primary risk is autonomous behaviour rather than simple model errors. The ability of the agent to control system terminals and Web browsers means that unintended actions have become the most critical threat. This vulnerability is significant because the software cannot consistently distinguish between safe instructions and malicious prompt attacks. So, browsing the Web further exposes the agent to injections from compromised sites that can trigger unauthorised code execution or unwanted financial transactions.
Risks of external skills and malware
Influencers warn that downloading community skills for OpenClaw poses a severe risk because many contain hidden malware. Researchers identified hundreds of malicious skills on ClawHub that functioned as harmful programs designed to steal personal information. Given that these agents possess deep system access, experts recommend treating all external code as inherently untrusted until robust security protocols and sandboxing are fully established.
“The discussions around OpenClaw signal a broader shift toward agent-based computing,” says Majumder. “As users experiment with locally deployed AI that can act independently, governance and security design will become competitive differentiators. The next stage of adoption will depend not only on capability, but on how effectively developers mitigate operational and ecosystem-level vulnerabilities.”