China's National Security Bureau Releases "Lobster" Safe Farming Manual

Mars Finance News: On March 17, the Chinese Ministry of State Security issued a security alert regarding the recently popular open-source AI agent tool OpenClaw (nickname “Lobster”). The alert states that such high-privilege AI agents can improve efficiency but also pose security risks such as host control, data leaks, and information misuse. Users are advised to use them rationally and strengthen security measures.

The alert notes that “Lobster” integrates communication software with large language models and, combined with high-privilege system access, can execute user commands directly to complete tasks, enabling a shift from “providing suggestions” to “automatic execution.” Its plugin system supports functions like file management, email drafting, scheduling, and web browsing, and it has long-term memory and proactive task triggering capabilities. Some users refer to it as “raising Lobster.”

Security agencies warn that improper configuration may lead to risks such as remote takeover of devices due to high-privilege operation, theft of sensitive data, social media accounts being used to spread false information, and system attacks via malicious plugins.

To reduce risks, users are advised to follow the principle of least privilege when running the AI, encrypt sensitive data, deploy in isolated environments like virtual machines or sandboxes, and regularly check plugin sources, access permissions, and system logs. Avoid exposing core devices directly to the public internet.