
AI assistant Clawdbot, which is gaining viral attention, faces a security vulnerability that could leak personal information and API keys, Cointelegraph reported on Jan. 27 local time.

According to blockchain security firm SlowMist, exposure of the Clawdbot gateway has increased the likelihood that hundreds of API keys and private chat records could be leaked. Security researcher Jamison O'Reilly pointed out that an authentication-bypass flaw emerged after the Clawdbot server was placed behind a misconfigured proxy. He said exposed servers can be easily found by using internet-scanning tools to search for specific fingerprints in HTML.

He warned that this could allow access to API keys, bot tokens, OAuth secrets, signing keys, full conversation logs, and even permissions to send user messages and execute commands. Clawdbot is an open-source AI assistant that runs on user devices. It connects large language models (LLMs) to messaging platforms and executes commands on behalf of users through a web administration interface called Clawdbot Control.

Arkestra AI CEO Matvei Kukui demonstrated that Clawdbot could be abused to threaten cryptocurrency security and disclosed a method for extracting private keys. Clawdbot has full access to a user's system, enabling file read and write, command execution, script execution and browser control. SlowMist recommended applying a strict IP whitelist to exposed ports and warned about security vulnerabilities in AI agents.

Copyright © DigitalToday. All rights reserved. Unauthorized reproduction and redistribution are prohibited.