TechFlow News, March 12: According to Securities Times, the OpenClaw (“Crayfish”) app has recently seen explosive growth in downloads and usage. In response, People’s Finance Information learned from Hong Kong’s Digital Policy Office—the agency responsible for AI policy—that the office has been continuously monitoring the latest developments in artificial intelligence and has recently taken note of potential risks associated with OpenClaw, including excessive permissions, data leakage, and system security vulnerabilities. The office recommends that relevant organizations and individual users adopt robust security measures when deploying and using OpenClaw. Specific recommendations include: strengthening network controls and strictly isolating the execution environment to mitigate risks arising from excessive permissions; enhancing credential management and avoiding storing API keys or other secrets in plaintext within environment variables; rigorously vetting plugin sources to ensure plugin trustworthiness and security; and closely monitoring official patches and security updates, promptly upgrading to newer versions and installing security patches.
It is reported that the Hong Kong Government places high priority on governance and risk mitigation for AI applications, having issued documents such as the “AI Ethics Framework” and the “Hong Kong Guidelines on Generative AI Technologies and Applications.” Additionally, the government has established a comprehensive set of “Government IT Security Policies and Guidelines” for use and compliance by all departments. Departments are required to conduct risk assessments prior to installing any software.
