
Introducing Astrix’s OpenClaw Scanner: A Practical Step Toward Reducing AI Agent Risk 

Omer Granot February 9, 2026
OpenClaw / Moltbot Footprint Scanner

Astrix is today introducing a complementary tool, OpenClaw Scanner, to detect deployments of the open-source AI assistant OpenClaw, also known as MoltBot, across organizations' environments. OpenClaw is a textbook example of the danger posed by shadow AI agents operating outside organizational oversight: these autonomous agents run on employees' endpoint devices, execute commands, access local files, and authenticate to internal and SaaS systems.

The OpenClaw Scanner relies on read-only EDR telemetry, runs locally, and doesn’t execute anything on endpoints. It is a specific, standalone capability derived from the core Astrix Security Platform, released as a free resource to the global security community to address immediate security gaps. It gives security teams immediate visibility into a growing blind spot without requiring new infrastructure or agent deployment.

Download the OpenClaw Scanner here 

Why use the OpenClaw Scanner?

Almost 2 weeks ago, researchers uncovered widespread exposure and authentication weaknesses across publicly accessible OpenClaw instances (check out our recent analysis of the OpenClaw/MoltBot vulnerability). Since then, we have alerted Astrix customers about employees who had deployed OpenClaw on corporate endpoint devices, often with critical misconfigurations. In several cases, these setups could have enabled attackers to gain remote access to employee devices and establish persistent access to sensitive corporate systems such as Salesforce, GitHub, and Slack by leveraging exposed API keys, OAuth apps, cloud credentials, and other non-human identities (NHIs) granted to the agent. In most cases, these agents and associated NHIs lack clear ownership, monitoring, or lifecycle controls, and many hold long-lived access tokens to sensitive systems.

To assist security professionals in mitigating this threat, regardless of whether they are Astrix customers, we are releasing Astrix’s OpenClaw Scanner, a new complementary tool designed for teams who want a fast, low-friction way to uncover OpenClaw agents operating within their environment, with relevant context for quick mitigation. 

What Astrix’s OpenClaw Scanner is for

OpenClaw Scanner is purpose-built to help identify whether OpenClaw agents are running in your corporate environment and to surface evidence of that activity using data you already have.

The scanner analyzes existing EDR telemetry to detect behavioral patterns associated with OpenClaw execution on endpoints, rather than relying on static package names or simple file checks. It does not install agents, run commands, or transmit data outside the organization.

Astrix’s OpenClaw Footprint Scanner is not meant to be a static snapshot of AI agents. Its purpose is to help teams begin to understand context: where agents are running, how they behave, and why that behavior matters from a risk perspective.

How the OpenClaw Scanner works

Unlike other detection tools, the OpenClaw Footprint Scanner does not execute scripts or commands on employee endpoints. It relies entirely on read-only access to existing EDR logs, which makes it safer to run and easier to deploy at scale. This design aligns with how large organizations operate: strict change control, minimal endpoint risk, and the need to deploy quickly across thousands of devices without disrupting users.

The OpenClaw Footprint Scanner:

  • Connects to existing EDR platforms such as CrowdStrike or Microsoft Defender using read-only access
  • Runs locally inside the organization’s environment as a Python-based script
  • Requires no endpoint execution, no new infrastructure, and no cloud connectivity
  • Produces a portable HTML report that stays entirely within the local perimeter

Astrix does not receive credentials, telemetry, or scan results.

How to install

The OpenClaw Scanner is available via PyPI and can be installed with a single command:

$ pip install astrix-openclaw-scanner

Usage: Once installed, run the tool using:

$ astrix-openclaw-scanner crowdstrike --client-id YOUR_CLIENT_ID --client-secret YOUR_CLIENT_SECRET

$ astrix-openclaw-scanner microsoft_defender --client-id YOUR_CLIENT_ID --client-secret YOUR_CLIENT_SECRET --tenant-id YOUR_TENANT_ID

For detailed usage examples, filtering options, and configuration parameters, visit our documentation at PyPI.

Scanning for OpenClaw Agents with 3 simple steps

  1. Using the tool is straightforward: once the scan is complete, open the local HTML link, which launches the UI. Within the interface, you can view a centralized summary of all OpenClaw detections across all endpoints in the organization, presented in a clear dashboard that provides an immediate snapshot of your exposure.

Astrix’s OpenClaw Scanner main dashboard: presenting all OpenClaw installations found in the organization

  2. Clicking on a specific detection opens a detailed window showing all the information identified about that instance, including user and device details.

  3. To take action, you can use the built-in Remediation Guide, which provides step-by-step instructions on how to address the finding and remove the tool from the system if desired.

Astrix’s OpenClaw (Moltbot) Footprint Scanner

What’s next

If OpenClaw agents are present in your environment, the immediate priority is to understand the exposure. That means identifying where agents are running, which non-human identities they use, what systems they can access, and what actions they are capable of taking.

This tool helps establish that baseline. From there, teams can determine where controls, ownership, and governance are missing and what needs to change to reduce risk.

OpenClaw Is Just the Tip of the Iceberg — The Astrix Platform Is the Solution

While OpenClaw is just one example of an agent that can pose a serious risk, there are many other autonomous agents operating in the shadows with access to sensitive systems that IT and security teams may not even be aware of. To prevent similar incidents before they occur and reduce your overall attack surface, check out how the Astrix platform helped our customer identify and remove this threat on day one of publication, as shown in the video below. Sign up for a demo today.
