Core Viewpoint - The article discusses the rising popularity of the open-source AI agent OpenClaw, highlighting its potential risks in the internet finance sector due to its high system permissions and weak security configurations, which could be exploited by attackers [3][4]. Group 1: Risks Identified - The China Internet Finance Association has identified four core risks associated with OpenClaw in the internet finance industry: 1. **Financial Loss Risk**: OpenClaw has disclosed multiple medium to high-risk vulnerabilities that attackers could exploit to gain control over devices, potentially leading to the theft of sensitive information such as online banking passwords and payment keys [4][5]. 2. **Transaction Responsibility Risk**: OpenClaw's ability to autonomously execute multi-step operations may lead to erroneous financial transactions, with unclear legal responsibilities due to the lack of full explainability in current AI technologies [5]. 3. **Data Compliance Risk**: OpenClaw's persistent memory feature may lead to sensitive financial data being stored and potentially transmitted to third parties, raising compliance concerns in handling sensitive data [6]. 4. **New Fraud Risks**: Criminals may exploit the popularity of OpenClaw to perpetrate investment fraud, using deceptive tactics to lure individuals into downloading counterfeit applications or transferring funds [6]. Group 2: Recommendations - The China Internet Finance Association has proposed four preventive measures: 1. Financial consumers should be cautious when installing OpenClaw on devices used for online banking and trading, avoiding granting it financial service operation permissions and monitoring for vulnerability updates [8]. 2. Consumers should remain vigilant against financial scams that use terms like "AI stock trading" and ensure that any financial transactions are conducted through legitimate channels [9]. 3. Financial institutions should refrain from installing OpenClaw on devices that handle customer information or financial operations, ensuring sensitive data is not processed through the AI agent [9]. 4. Institutions should incorporate the security management of AI applications like OpenClaw into their information security protocols and provide specialized training to employees to enhance their ability to identify and mitigate risks [9]. Group 3: Potential Benefits - Despite the risks, open-source AI agents like OpenClaw can offer significant advantages in the financial sector, particularly in reducing costs and automating repetitive tasks. However, for successful integration into core financial operations, several key challenges must be addressed, including algorithm explainability, accountability mechanisms, compliance with data protection standards, and maintaining human intervention capabilities [9].

面对新一轮技术革命，地方政府有"焦虑"再正常不过，不过， 越是面对热潮，越需要定力。跑得快固然能抢占一时的声量先 机，但只有找准身位、跑得稳，才能真正把技术红利留下。 作者：宋笛 封图：东方IC 过去一周，在"养龙虾"这件事情上，很多城市又有了一哄而上的迹象。 龙虾是指开源AI智能体OpenClaw，因其图标是红色龙虾、英文名Claw意为钳子，网友便将训练 它的过程戏称为"养龙虾"。OpenClaw可以通过各类Skill（工具）自动完成编程、写作、数据分 析等任务。 随着"养龙虾"的爆火，数天里，苏州、常熟、深圳龙岗、南京栖霞等多地密集出台了养龙虾"X"条 的征集意见稿，用补贴、股权投资等措施鼓励基于OpenClaw的项目在本地落地。 在 "养龙虾"的 热潮中，地方政府跑得很快，相比之下，一些科技企业反应还慢了一些。但从政府应该扮演的角色 看，未免有些太快了。 这不是说政府不应该关注前沿技术的发展，关键在于，政府应该在新技术发展中扮演什么角色。 面对一项发布才两个多月的技术工具，比起"带队冲锋"，地方政府更应该慢一拍、退一步，扮演 好"后勤"和"把关人"的角色，要观察新技术基础设施的短板、真实的落地痛点和新技 ...

Core Viewpoint - The article discusses the rapid rise of the open-source AI agent "Lobster" (OpenClaw) in China, highlighting its popularity among users and the supportive policies from various local governments aimed at fostering its development and application in the industry [3][5]. Group 1: Overview of "Lobster" - "Lobster" is an open-source AI agent known as OpenClaw, which integrates communication software and large language models to autonomously perform complex tasks on local computers, such as file management and data processing [4]. - The software operates based on natural language commands, requiring elevated system permissions to access local file systems and external APIs [4]. Group 2: Government Support and Policies - Local governments in Guangdong, Jiangsu, and Anhui have issued multiple policy documents to support the "Lobster" model, providing financial support, ecosystem development, and talent cultivation to promote the implementation of open-source AI projects [5]. - Shenzhen Longgang District introduced the "Lobster Ten Measures," offering zero-cost startup support to developers and "one-person companies" (OPC), including free deployment services for OpenClaw [6]. - Hefei High-tech Zone launched an action plan with 15 measures to create a benchmark for AI and OPC, offering up to 10 million yuan in funding support and various workspace options for startups [6]. - Jiangsu Changshu has proposed 13 measures to provide free deployment and training services for OpenClaw users, with financial incentives for successful projects in the manufacturing sector [7]. Group 3: Security Risks and Challenges - Despite the benefits of "Lobster," its strong execution capabilities pose significant security challenges, prompting warnings from the Ministry of Industry and Information Technology regarding potential risks associated with OpenClaw [9]. - Notable risks include "prompt injection," "misoperation," malicious plugins, and security vulnerabilities that could lead to data breaches and system control [10][11]. - The rapid iteration of the "Lobster" agent does not guarantee complete risk elimination, as it may misinterpret user commands or utilize compromised skill packages [12]. Group 4: Recommendations for Risk Prevention - Users are advised to use the latest official version of "Lobster," control internet exposure, and adhere to the principle of least privilege when deploying the AI agent [14][15]. - Caution is recommended when using skill packages from the ClawHub community, and users should avoid downloading suspicious content [15]. - Establishing a long-term protection mechanism, including detailed logging and regular vulnerability checks, is essential for maintaining security [16].

Group 1 - Meituan has upgraded its "Xingmou" multimodal large model and integrated service system, set to launch in April 2025, aiming to enhance food safety through AI technology [1] - The upgrade will address industry challenges such as high costs, latency, and privacy concerns, shifting risk management from retrospective to real-time intervention [1] - This move signifies a practical direction for leading platforms to integrate large model technology with core business, demonstrating a commitment to digital governance in local services [1] Group 2 - Tmall announced a comprehensive upgrade to its new merchant support policy for 2026, including waiving annual fees and increasing operational incentives [2] - New merchants will benefit from 20 inclusive rights, such as 30 days of interest-free loans and free business consulting, significantly lowering entry barriers [2] - The strategy indicates a shift from "traffic competition" to a focus on deepening the merchant ecosystem within the e-commerce platform [2] Group 3 - The search volume for "OpenClaw" related products on Xianyu surged by 1850% from March 5 to March 10, reflecting a growing interest in AI tools [3] - Transaction volumes for OpenClaw services have also increased significantly, with a wide range of offerings available on the platform [3] - This trend highlights the emergence of a new secondary market and service transactions driven by the practical demand for AI tools and the accompanying technological anxiety [3]

近期，随着开源AI智能体"OpenClaw"（因图标为红色龙虾，被戏称为"养龙虾"）在网络走红，官方连续发 布风险提示。 3月10日，国家互联网应急中心发布关于OpenClaw安全应用的风险提示；此前，工信部也发文指出，"龙虾 （OpenClaw）"在默认或不当配置情况下，极易引发网络攻击、信息泄露等安全问题。 值得一提的是，相比于大众市场的热捧，金融机构的反馈显得格外"冷静"。 金融机构普遍未部署 "目前业务层面没有测试过接入该智能体，总体还是谨慎的。"华北地区某城商行员工向记者表示："有客户问 过，但公司目前没有接入OpenClaw的业务，也不让使用。"华北一券商从业者表示。 "核心原因是金融行业强监管、高风险的底线要求，OpenClaw的端到端自动执行现阶段和金融合规要求严重不 匹配。"博通咨询金融业资深分析师王蓬博指出，金融领域本身的严肃性、安全性，强监管是不可突破的红 线，和其他领域有本质不同。 行业智能体应用差异化发展 事实上，在OpenClaw爆火前，银行业已对智能体进行探索和应用，工商银行、浦发银行、微众银行等都曾传 出企业级的自研智能体动态，可运用于办公、拓客、风控等多个金融场景。 麦肯锡发 ...

| 五、宏观信息 | | | --- | --- | | 美国总统特朗普表示，美国对伊朗的战争可能很快就会结束。特朗普称，这场战争已经基本结束，差不多了。伊朗没有海军，没有通信系统，也没有空军。这 | | | 比他最初预计的4到5周时间框架"进展快得多"。霍尔木兹海峡往来船只正在增多，他考虑接管该海峡。受此消息影响，美油快速跳水，一度跌超10%。在亚 | | | 盘时段，美油一度涨超31%，因全球最大石油出口国沙特已开始削减原油产量。伊朗方面警告称，如果对其基础设施的打击持续不断，油价将涨至每桶200美元 | | | 。 | | | 七国集团（G7）财政部长周一举行电话会议，讨论如何应对因美以对伊朗发动战争而引发的油价飙升。他们基本达成共识，暂时不释放战略石油储备。G7财长 | | | 发表声明称，各方已准备好采取必要措施，包括通过释放储备等方式支持全球能源供应，但目前尚未决定实施。各方将继续密切关注局势发展以及能源市场动 态，并将在必要时再次举行会议，交流信息并在七国集团及国际伙伴之间加强协调。此前，一些美国官员建议联合释放3亿至4亿桶石油，约占12亿桶石油储备 | | | 的25%至30%。日本政府已要求 ...

近期，工业和信息化部网络安全威胁和漏洞信息共享平台监测发现OpenClaw开源AI智能体部分实例在默认或不当配置情况下存 在较高安全风险，极易引发网络攻击、信息泄露等安全问题。 OpenClaw（曾用名 Clawdbot、Moltbot）是一款开源AI智能体，其通过整合多渠道通信能力与大语言模型，构建具备持久记忆、主动执行能力的定制化AI 助手，可在本地私有化部署。由于OpenClaw在部署时"信任边界模糊"，且具备自身持续运行、自主决策、调用系统和外部资源等特性，在缺乏有效权限 控制、审计机制和安全加固的情况下，可能因指令诱导、配置缺陷或被恶意接管，执行越权操作，造成信息泄露、系统受控等一系列安全风险。 建议相关单位和用户在部署和应用OpenClaw时，充分核查公网暴露情况、权限配置及凭证管理情况，关闭不必要的公网访问，完善身份认证、访问控 制、数据加密和安全审计等安全机制，并持续关注官方安全公告和加固建议，防范潜在网络安全风险。 来源：央视新闻 版权声明 证券时报各平台所有原创内容，未经书面授权，任何单位及个人不得转载。我社保留追 究相关 行 为主体法律责任的权利。 转载与合作可联系证券时报小助理，微信I ...

OpenClaw（曾用名 Clawdbot、Moltbot）是一款开源AI智能体，其通过整合多渠道通信能力与大 语 言 模 型 ， 构 建 具 备 持 久 记 忆 、 主 动 执 行 能 力 的 定 制 化 AI 助 手 ， 可 在 本 地 私 有 化 部 署 。 由 于 OpenClaw在部署时"信任边界模糊"，且具备自身持续运行、自主决策、调用系统和外部资源等特 性，在缺乏有效权限控制、审计机制和安全加固的情况下，可能因指令诱导、配置缺陷或被恶意接 管，执行越权操作，造成信息泄露、系统受控等一系列安全风险。 建议相关单位和用户在部署和应用OpenClaw时， 充分核查公网暴露情况、权限配置及凭证管理情 况，关闭不必要的公网访问，完善身份认证、访问控制、数据加密和安全审计等安全机制， 并持续 关注官方安全公告和加固建议，防范潜在网络安全风险。 2026.03. 08 本文字数：540，阅读时长大约1分钟 来源 | 央视新闻 近期，工业和信息化部网络安全威胁和漏洞信息共享平台监测发现 OpenClaw（俗称"龙虾"）开源 AI智能体部分实例在默认或不当配置情况下存在较高安全风险，极易引发网络攻击、信息泄露等安 ...

据央视新闻，近期，工业和信息化部网络安全威胁和漏洞信息共享平台监测发现OpenClaw（俗称"龙虾"）开源AI智能体部分实例 在默认或 不当配置情况下存在较高安全风险，极易引发网络攻击、信息泄露等安全问题 。 OpenClaw（曾用名 Clawdbot、Moltbot）是一款开源AI智能体，其通过整合多渠道通信能力与大语言模型，构建具备持久记忆、主动执 行能力的定制化AI助手，可在本地私有化部署。由于OpenClaw在部署时"信任边界模糊"，且具备自身持续运行、自主决策、调用系统和外 部资源等特性，在缺乏有效权限控制、审计机制和安全加固的情况下，可能因指令诱导、配置缺陷或被恶意接管，执行越权操作，造成信息 泄露、系统受控等一系列安全风险。 建议相关单位和用户在部署和应用OpenClaw时，充分核查公网暴露情况、权限配置及凭证管理情况，关闭不必要的公网访问，完善身份认证、访问 控制、数据加密和安全审计等安全机制，并持续关注官方安全公告和加固建议，防范潜在网络安全风险。 ...

Group 1 - The core point of the article is the rising popularity of the AI agent OpenClaw, which has seen a significant increase in search volume and is now being offered through a remote deployment service by Meituan and Lenovo's IT service brand, Lenovo Baiying [1] - As of now, the search volume for "OpenClaw" has increased by over 300% compared to the previous period [1] - Consumers can access the service by searching for "龙虾安装" on the Meituan App, allowing them to receive professional remote deployment assistance without needing to set up or debug the environment themselves [1]