The Autoriteit Persoonsgegevens just became the first European government body to formally target OpenClaw by name. On February 12, 2026, the Dutch Data Protection Authority issued a formal warning calling OpenClaw a "Trojan Horse" and an "attractive target for abuse."
That's not a blog headline. That's an official government position.
What the Dutch DPA Actually Found
The warning identified four risk categories, and honestly, none of them are surprising if you've been paying attention:
- Malware-laced plugins. Roughly 20% of publicly available OpenClaw plugins steal credentials or crypto. One in five.
- Indirect prompt injection. Attackers can manipulate OpenClaw agents through websites, emails, and messages the agent processes.
- Remote code execution. Multiple CVEs have been documented, giving attackers full system access on unpatched instances.
- Misconfiguration. The DPA found over 42,000 OpenClaw instances publicly accessible. Of those, 93% had critical authentication bypass vulnerabilities.
The DPA recommended not deploying OpenClaw on systems with sensitive data and called for the EU AI Act to cover autonomous AI agents.
Their exact words: "Innovation and open source do not discharge the obligation to limit risks in advance."
Why This Matters for OpenClaw Users
This warning changes the regulatory conversation around AI agents in Europe. If the EU AI Act gets extended to cover tools like OpenClaw, operators could face compliance obligations similar to those for high-risk AI systems.
But the more immediate concern is practical. Those four risk categories? A properly managed deployment addresses every single one of them.
Container isolation prevents malware plugins from reaching your host system. Curated skill libraries eliminate the plugin malware problem entirely. Locked-down configurations with proper authentication close the misconfiguration gap that exposed those 42,000 instances. And keeping your instance patched and behind proper access controls handles the RCE vulnerabilities.
If you're self-hosting OpenClaw, this warning is a good reason to take a hard look at your setup. Our security hardening guide covers the specific steps.
What Comes Next
The Dutch DPA's position will probably influence how other EU member states approach OpenClaw regulation. Whether the EU AI Act actually gets extended to autonomous agents is still an open question, but the pressure is building.
For now, the takeaway is straightforward. Run your OpenClaw instance like someone is watching, because a government regulator just started.