Ministry of Industry and Information Technology issues "Six Do's and Six Don'ts" recommendations on preventing security risks of OpenClaw ("Lobster") open-source intelligent agents

Odaily Planet Daily reports: Regarding the security risks in the typical application scenario of “Lobster,” the Cybersecurity Threats and Vulnerabilities Information Sharing Platform (NVDB) organized providers of intelligent agents, vulnerability collection platform operators, cybersecurity companies, and others to propose the “Six Do’s and Six Don’ts” recommendations. The suggestions mention that financial transaction scenarios mainly face prominent risks of triggering erroneous transactions or even account hijacking. By deploying “Lobster” through enterprises or individuals, calling financial application interfaces, and performing automated trading and risk control, the efficiency of quantitative trading, intelligent research, and asset portfolio management can be improved, enabling functions such as market data collection, strategy analysis, and execution of trading instructions. Countermeasures include: implementing network isolation and least privilege, closing unnecessary internet ports; establishing manual review and circuit breaker emergency mechanisms, adding secondary confirmation for key operations; strengthening supply chain audits, using official components, and regularly patching vulnerabilities; implementing full-chain audit and security monitoring to promptly detect and address security risks. (Ministry of Industry and Information Technology)