The Ministry of Industry and Information Technology (MIIT) issued a "six dos and six don'ts" recommendation on preventing security risks associated with the OpenClaw ("Lobster") open-source intelligen

In response to the security risks of "Lobster" in typical application scenarios, the Cybersecurity Threat and Vulnerability Information Sharing Platform (NVDB) of the Ministry of Industry and Information Technology, together with intelligent agent providers, vulnerability collection platform operators, and cybersecurity companies, proposed a "six dos and six don'ts" recommendation. Among these recommendations, financial transaction scenarios present a significant risk of erroneous transactions and even account hijacking. Deploying "Lobster" by enterprises or individuals and calling financial application interfaces can automate trading and risk control, improving the efficiency of quantitative trading, intelligent investment research, and portfolio management, and enabling functions such as market data capture, strategy analysis, and trading order execution. Countermeasures include: implementing network isolation and least privilege, closing unnecessary internet ports; establishing manual review and circuit breaker emergency mechanisms, adding secondary confirmation for critical operations; strengthening supply chain auditing, using official components, and regularly patching vulnerabilities; and implementing full-chain auditing and security monitoring to promptly detect vulnerabilities.