OpenClaw safety paper exposes agent architecture flaws

Agent security is fundamentally an architectural problem, not just a model alignment issue.

• –Poisoning an agent's state triples the vulnerability of even the strongest LLMs, proving model-side safety is insufficient.
• –Existing defenses like file protection are impractical, blocking 97% of attacks but also halting legitimate system updates.
• –The research highlights the critical need for a deterministic authorization boundary before any action executes.
• –If compromised state reaches execution, attacks remain viable regardless of underlying model quality.