OpenClaw—the viral open-source AI assistant formerly known as ClawdBot and MoltBot—has taken the tech world by storm with 160,000+ GitHub stars and breathless media coverage. But there's a critical problem: your employees are probably already using it, and your IT department has no idea.
The Shadow AI Problem
According to security firm Token Security, 22% of enterprise customers have employees actively running OpenClaw—likely without IT approval. This isn't just a policy violation; it's a genuine security risk that every IT leader must understand. Unlike ChatGPT or cloud-based AI, OpenClaw runs directly on users' machines with unrestricted system access. It can execute shell commands, read and write files, and run scripts. When an employee installs it on a work laptop, they're giving an AI agent the keys to potentially sensitive corporate data.
What Security Researchers Found
Cisco's security team called OpenClaw "a security nightmare." Palo Alto Networks researchers found exposed gateways, plaintext credentials, and OAuth tokens in enterprise deployments. A critical vulnerability (CVE-2026-25253) allowed attackers to hijack OpenClaw sessions. The risks are not theoretical—they're documented and escalating.
OpenClaw's "skills" are community-created plugins that extend its capabilities—like browser extensions with root-level system access. Security researchers have already identified malicious skills designed to exfiltrate data. This is shadow IT, but dramatically more dangerous because it's not just accessing files; it's executing code.
Building a Secure Alternative
Banning AI tools doesn't work—employees will find workarounds. Instead, provide tools that meet their needs while maintaining security. Convoe's Kai and Tai offer AI assistance within a secure, IT-managed environment. Kai understands your workspace context without requiring system-level access. It works within Convoe's secure environment, respects data boundaries, and gives IT visibility into AI usage.
Your employees want AI assistants. The question isn't whether they'll use them—it's whether they'll use approved tools or shadow AI. Make it easy to choose the right path.