VectorCertain Identified OpenClaw Vulnerabilities Months Before Industry Response, Offering Preventive Solution

VectorCertain Analyzed 3,434 OpenClaw Pull Requests Using Multi-Model Consensus, Identified Systemic Governance Failures, and Offered Creator Peter Steinberger a No-Cost SecureAgent License. He Joined OpenAI Instead. OpenAI Then Spent Millions Acquiring Promptfoo to Try to Solve the Problem VectorCertain Had Already Solved.

TL;DR

VectorCertain offered a free governance solution to OpenClaw before the security crisis, giving organizations a preventive advantage over reactive competitors like OpenAI and Cisco.

VectorCertain's SecureAgent integration uses multi-model consensus to validate agent actions through a four-gate architecture, adding only 1-6 milliseconds per call without modifying core code.

Pre-execution AI governance prevents data breaches like Moltbook's 1.5 million exposed API keys, making digital spaces safer for both humans and AI agents.

An AI agent built Moltbook without security controls, exposing private conversations and credentials, highlighting the urgent need for governance in autonomous systems.

VectorCertain LLC documented systemic security vulnerabilities in the OpenClaw AI agent platform months before Cisco, Wiz, or OpenAI took action, offering a no-cost governance solution that was ignored by OpenClaw creator Peter Steinberger. The company's analysis, conducted using multi-model consensus technology, identified 341 malicious skills in the ClawHub ecosystem and 42,900+ exposed internet-facing instances before the security crisis became public. In late January 2026, Cisco's AI Threat and Security Research team published a blog post titled "Personal AI Agents like OpenClaw Are a Security Nightmare," declaring the platform an absolute nightmare from a security perspective. This analysis identified malicious skills, privilege escalation risks, plaintext credential exposure, and supply chain manipulation in the ClawHub skill repository.

Wiz researcher Gal Nagli discovered that Moltbook, the social network where OpenClaw agents interact, had left its entire production database accessible to anyone, exposing 1.5 million API authentication tokens, 35,000 email addresses, and thousands of unencrypted private conversations containing plaintext third-party credentials. Wiz documented these findings in their blog post "Hacking Moltbook: AI Social Network Reveals 1.5M API Keys." VectorCertain had already completed a full analysis of OpenClaw's 3,434 open pull requests using three independent AI models and built a working governance integration for OpenClaw's exec, message, and browser tools. The company offered Steinberger a no-cost SecureAgent license to implement this solution but received no response.

"Instead of merely documenting issues, we developed, tested, and offered the solution for free," said Joseph P. Conroy, Founder and CEO of VectorCertain. "Peter Steinberger told the world he would hire anyone who showed up with a solution instead of a complaint. We showed up with the solution. The silence that followed is the reason we are where we are today." The security crisis unfolded as OpenAI hired Steinberger in February and subsequently acquired Promptfoo, an AI security testing startup, as documented in their announcement "OpenAI to Acquire Promptfoo." Meta Platforms acquired Moltbook the same week, despite the exposed database. Promptfoo's founders described their joining OpenAI in their blog post "Promptfoo Is Joining OpenAI."

Cisco's research validated VectorCertain's earlier analysis point by point, finding that a ClawHub skill called "What Would Elon Do?" returned nine security findings and was functionally indistinguishable from malware. Cisco's broader State of AI Security 2026 report found that 83 percent of organizations planned to deploy agentic AI but only 29 percent felt ready to secure them. The Moltbook exposure represents a governance paradox where an AI agent built a social network for AI agents without implementing basic security controls. Row Level Security, a basic database protection, had never been configured, leaving every API authentication token accessible. Matt Schlicht, Moltbook's co-founder, stated publicly that he did not write a single line of code; his OpenClaw agent built the entire platform.

"Moltbook is what happens when you deploy an AI agent to build infrastructure for other AI agents and no governance layer validates any of the decisions along the way," Conroy said. One millisecond of pre-execution governance would have prevented 1.5 million API keys from being exposed. OpenAI's acquisition of Promptfoo represents what VectorCertain identifies as a reactive approach to security rather than preventive governance. Promptfoo is a testing tool that discovers vulnerabilities, while VectorCertain's architecture provides pre-execution governance that prevents unauthorized actions in real time. The company's MRM-CFS has achieved 1,000,000 error-free agent process steps in execution governance.

The industry response validates VectorCertain's thesis while demonstrating its reactive nature. Microsoft launched Agent 365, a control plane for monitoring AI agents, while Nvidia prepares to announce NemoClaw with built-in security tools. NIST launched an AI Agent Standards Initiative, as announced on their website in "Announcing AI Agent Standards Initiative," and the EU AI Act's high-risk enforcement deadline approaches with penalties up to €35 million. VectorCertain holds 55+ provisional patents covering pre-execution governance evaluation, multi-model consensus for agent action validation, and multi-layer security gateway architectures. The company's published book documented the systemic governance failures that this week's headlines now confirm, offering architectural solutions that were available before the crisis became public.

Curated from Newsworthy.ai

Burstable Security Team
