China Enhances AI Governance Amid OpenClaw Vulnerabilities

Severity: High (Score: 71.5)

Sources: En.People.Cn, English.News.Cn

Summary

On May 8, 2026, China announced new guidelines for regulating AI agents due to rising security risks linked to open-source technologies, particularly OpenClaw. The Cyberspace Administration of China (CAC), along with other agencies, emphasized safety, controllability, and standardization in AI development. In April, 111 vulnerabilities associated with OpenClaw were reported, including critical access control errors. The National Computer Virus Emergency Response Center identified counterfeit OpenClaw packages containing Trojan viruses, which threaten user data security. The Open Web Application Security Project (OWASP) highlighted agent goal hijacking as a significant threat. Chinese tech firms are developing defense systems to address these vulnerabilities, with Tuya Smart reporting that AI generated 70% of its code last year. The situation reflects a growing global concern over AI agent security. Key Points: • China issued new AI governance guidelines on May 8, 2026, in response to security risks. • 111 vulnerabilities related to OpenClaw were recorded between April 14 and April 28, 2026. • Counterfeit OpenClaw packages with Trojan viruses pose severe risks to user data security.

Key Entities

• Trojan (attack_type)
• China (country)
• CWE-862 - Missing Authorization (cwe)
• OpenClaw (platform)