OpenClaw—the AI agentic tool that’s exploded in popularity with over 347,000 GitHub stars—was designed to act just like a user: accessing files, messaging apps, cloud accounts, and more. But a recently patched vulnerability (CVE-2026-33579) shows just how dangerous that level of trust can be.