China’s national government has taken decisive action to curb the use of OpenClaw AI within sensitive sectors, issuing directives to state-run enterprises and government agencies — including major banks — advising against the installation of OpenClaw software on office devices. The move marks a significant reversal from the enthusiastic adoption the platform has seen in recent weeks.
Government Directives Cite Security Risks
According to reports from Bloomberg News, the Chinese government has instructed major state-owned banks and government agencies to avoid installing OpenClaw on workplace devices due to security concerns. Employees who have already installed the software are now required to inform their superiors for security assessments and potential removal.
The restrictions target OpenClaw — an open-source AI agent capable of autonomously performing tasks such as file sorting, email management, and internet browsing. The platform’s extensive access to private data and potential vulnerability to external attacks have raised alarms among national security officials.
CNCERT Issues Second Warning
China’s national cybersecurity agency, CNCERT (National Computer Network Emergency Response Technical Team/Coordination Center), issued its second warning on March 10, 2026, specifically highlighting security and data risks associated with OpenClaw adoption.
The agency’s concerns include:
- Prompt injection attacks: Malicious instructions embedded in web pages could trick OpenClaw into leaking system keys and sensitive credentials
- Operational errors: Autonomous task execution could lead to unintended deletion of critical information
- Elevated permissions exposure: OpenClaw’s need for high-level system permissions increases exposure to potential breaches
Contradiction with Local Initiatives
The national restrictions stand in stark contrast to recent subsidy programs announced by local governments in Shenzhen and Wuxi, which offered millions in funding to promote OpenClaw adoption in enterprises. This policy fragmentation reflects the broader tension in China’s AI governance between central security concerns and local economic growth priorities.
What This Means
This directive represents Beijing’s most concrete action yet to control the spread of open-source AI agents within sensitive sectors. The timing is notable — coming just weeks after OpenClaw’s explosive popularity surge in China and shortly after local governments announced generous adoption subsidies.
For enterprises currently using OpenClaw in regulated industries, the directive signals heightened compliance requirements. The restrictions may also impact the platform’s expansion trajectory in China’s financial and government sectors, which represent significant markets for enterprise AI deployment.
The incident underscores the growing global debate around AI agent security, particularly regarding autonomous systems that require broad system permissions to function effectively.