This Is What Clawdbot Was Missing

OpenClaw (formerly Claudebot/Moltbot) is a self-hosted AI assistant with significant security vulnerabilities and cost concerns. Security issues include credentials stored in plain JSON files, malicious community skills, and prompt injection risks. The architecture sends full conversation context with each query, causing high token costs ($128/month for a single daily cron job) and increasing response times (2-119 seconds). Mitigation strategies include using Docker sandboxing, limiting skill installations, setting API budget alerts, using models with built-in guardrails, and running in isolated environments without sensitive data access.