The Federal Office for Information Security (BSI) is working intensively on clear security criteria and so‑called “best practices” for securing “AI agents” a spokesperson for the agency told a news agency on Tuesday.
The BSI expects AI systems to evolve “continuously or even disruptively”. With the progress of the technology it will become increasingly difficult to distinguish human actors from AI bots on the internet, the speaker added. The agency also warns that AI agents could be exploited by criminals for cyber attacks.
Regarding the new OpenClaw service, which has been gaining attention in professional circles over the past few weeks, the BSI currently recommends that it only be used by “IT professionals” who are familiar with configuring and securing servers. “It is advisable to run the service on a dedicated system or in a sandbox” the agency said.
The BSI is particularly critical of the open exchange of the so‑called “Skills” which govern the interaction of the AI with its environment and are shared on various portals. “Numerous skills have been clearly identified as being contaminated with malware” the agency noted.
OpenClaw, also known as ClawdBot and MoltBot, is an open‑source framework for a personal AI assistant. Users can operate the bot through a messenger such as WhatsApp, Telegram or other channels. To function, the service requires a language model that can be run either locally or in the cloud. The BSI warned that a misconfiguration could quickly lead to unauthorized takeover of the server.
