China’s national vulnerability database recorded 111 OpenClaw security flaws between April 14 and April 28, according to a Xinhua report published by People’s Daily. The vulnerabilities range from access control errors to critical code issues. Separately, the National Computer Virus Emergency Response Center has detected widespread counterfeit OpenClaw skill packages that carry embedded Trojans targeting users’ data and system stability.

Three Agencies Issue Joint Guidelines

On May 8, the Cyberspace Administration of China (CAC), the National Development and Reform Commission, and the Ministry of Industry and Information Technology jointly issued guidelines for what they called “standardized application and innovative development of AI agents.” The guidelines stress safety, controllability, and standardized development, according to People’s Daily.

The regulatory push goes beyond vulnerability tracking. In April, five central departments including the CAC introduced regulations on AI anthropomorphic interactive services, establishing a risk-based oversight mechanism requiring security assessments and algorithm filings. The same framework proposed building an AI sandbox security service platform, marking China’s first formal articulation of an AI sandbox governance concept.

The MIIT and other authorities have also released separate guidelines standardizing tech ethics reviews, requiring AI models to maintain robustness, controllability, transparency, and accountability. Authorities are developing a national AI security standard system to set ground rules for the industry.

Enterprise Deployment Outpaces Governance

Chinese tech firms are deploying modified OpenClaw instances at scale. Liu Longwei, CSO of Tuya Smart, told Xinhua that the company equipped its entire workforce with “digital employees” based on modified OpenClaw versions. AI generated 70% of the company’s code in 2025. Tuya responded to the security pressure by building six layers of defense, including system hardening and supply chain security.

Liang Hongwei, a senior technology expert at Alibaba Cloud, warned that “allowing employees to run unregulated OpenClaw in the workplace is risky, as it undermines control over security and data exposure threats,” recommending elastic cloud deployment and strict operational principles prioritizing security and compliance.

Domestic Security Vendors Respond

AsiaInfo’s cybersecurity arm introduced what it calls the Agent Trust Framework (ATF), a governance model integrating “agent intent alignment” and “human-AI co-governance.” The framework aims to contain risks from AI randomness while keeping productivity within compliance boundaries.

AsiaInfo co-founder Tian Suning described the stakes: “OpenClaw-type agents are likely to become the next generation of operating systems.” As core corporate assets shift from personnel and software to data and agents, he argued, the ownership and security of these digital entities become critical.

The Global Context

The OWASP Foundation has listed agent goal hijacking and tool misuse among core threats in a recent report, confirming that the security challenges China is responding to are not unique to one country. But China’s response is distinctive in its speed and scope: three sets of regulations from multiple agencies within a single month, a national standards initiative, and explicit framing of agents as infrastructure requiring governance rather than software requiring patches.

The 111 vulnerabilities in two weeks put a number on something the OpenClaw community has been grappling with since late 2025. NCT previously reported on a chain of four critical vulnerabilities affecting 245,000 exposed instances, disclosed by Cyera Research in May. China’s vulnerability count suggests the attack surface is broader than individual CVE disclosures indicate.