The 360 Security Cloud team has received an official email from Peter, the founder of OpenClaw. In his response, Peter formally confirmed the existence of an unauthenticated WebSocket upgrade vulnerability in OpenClaw Gateway, which was exclusively discovered by the 360 team. 360 has since reported this high-risk vulnerability to the China National Vulnerability Database (CNVD) to assist in cutting off the risk at its source across the network.

The confirmed WebSocket unauthenticated upgrade vulnerability is a zero-day flaw. Attackers can exploit this vulnerability to silently bypass permission authentication via WebSocket, gaining control of the agent gateway. This could potentially lead to exhaustion of target system resources or a complete system collapse.

This incident once again highlights an industry-wide concern: as intelligent agents evolve from mere "dialogue tools" into "execution systems," their security risks are rapidly extending from the model layer to the interface layer, skill invocation chains, and system permission layers. Common hazards during this development phase include publicly exposed interfaces, malicious Skill poisoning, prompt injection, and a lack of behavioral auditing mechanisms. As previously emphasized by 360 Group's founder, the era of intelligent agents requires adhering to the principle of "using models to govern models," constraining and monitoring the entire operation process of intelligent agents through security capabilities.

In response to these risks, 360 has established a core strategy of "using AI to supervise AI, and using Skills to govern Skills." The company has already launched security detection and risk assessment capabilities for intelligent agent deployment, targeted at enterprises and developers. This service, known as "360 Security Cloud · Lobster Protection," precisely identifies risks such as exposed running environments, high-risk vulnerabilities, and the introduction of malicious Skills. Simultaneously, 360 has released an integrated solution for individual users called "360 Security Lobster," which includes a built-in component named "360 Lobster Guard." By isolating the running environment and implementing strict permission control mechanisms, it significantly reduces security uncertainties during the local use of intelligent agents.

The 360 Security Cloud team stated that going forward, 360 will continue to provide support for vulnerability discovery and remediation within the OpenClaw ecosystem, advancing the practical defense capabilities of intelligent agent applications.