Strong signal and real results. Worth committing a pilot to.
OpenClaw
302k+ GitHub stars in 60 days makes it the fastest-growing OSS project ever, but serious security incidents and reliability concerns mean it is not production-ready yet.
Open-source·Agentic·DevTool·Infrastructure
Our Take
What It Is
OpenClaw is an open-source autonomous AI agent framework (formerly Clawdbot, then Moltbot) created by Austrian developer Peter Steinberger. It connects LLMs to your local files and 20+ messaging platforms (WhatsApp, Telegram, Slack, Discord) through a unified chatbot interface. The skill ecosystem has grown to 800+ published AgentSkills covering Gmail, GitHub, Spotify, smart home, and more. It's model-agnostic, working with Claude, GPT models, DeepSeek, and others.
Why It Matters
The adoption velocity is unprecedented. 302k+ GitHub stars in roughly 60 days makes it the fastest-growing open-source project in GitHub history, surpassing React's 10-year record. That's not just hype: 47.7k forks and an active community suggest real usage. The platform breadth is genuinely useful, consolidating messages from 20+ platforms into a single agent workspace. And with Steinberger joining OpenAI and the project moving to an open-source foundation, there's institutional backing for longevity.
Key Developments
- Mar 2026: Surpassed 302k GitHub stars; released major update with GPT-5.4 support and memory hot-swapping via Context Engine plugin.
- Feb 2026: Creator Peter Steinberger announced he is joining OpenAI; project to be moved to an open-source foundation.
- Feb 2026: CVE-2026-25253 disclosed: one-click RCE via unvalidated WebSocket origin headers. 12% of ClawHub skills registry found to be malicious.
- Jan 2026: Renamed from Moltbot to OpenClaw. Crossed 250k stars.
What to Watch
Security is the blocker. The CVE-2026-25253 RCE vulnerability and 12% malicious skill registry rate aren't edge cases but architectural gaps. China has restricted its use in banks and government agencies; Microsoft published guidance on running it safely. Watch whether the open-source foundation governance addresses these structural security issues. For now, it's best suited to low-stakes personal automation where mistakes are cheap and reversible.
Strengths
- Adoption velocity: 302k+ GitHub stars in ~60 days. The community is real and active with 47.7k forks.
- Platform breadth: Consolidates messages from 20+ platforms into a single agent workspace. Genuinely useful UX pattern for personal automation.
- Extensibility: 800+ published AgentSkills. The skill model is approachable for non-framework developers.
- Model-agnostic: Works with Claude, GPT models, DeepSeek, and others. No vendor lock-in at the LLM layer.
Considerations
- Security posture is poor: CVE-2026-25253 RCE vulnerability and 12% malicious skill registry rate reflect architectural gaps. China restricted its use; Microsoft published safety guidance.
- Reliability in practice: Prone to reasoning loops, unnecessary tool invocations, and mid-task objective drift. Reports of agents unintentionally deleting emails and files.
- Token efficiency: Autonomous agent loops burn significantly more tokens than equivalent direct scripts. The "intelligent automation" is often slower than explicit automation.
- Best for low-stakes tasks: Works well where mistakes are cheap and reversible. Struggles with ambiguous, real-world tasks with real consequences.
Resources
Articles
- Practical breakdown of security issues to address before deploying
- Microsoft's guidance on identity, isolation, and runtime risk mitigation
- Clear technical overview of capabilities, architecture, and setup