OpenClaw jest oprogramowaniem open-source dostępnym globalnie przez npm/pnpm. Działa na macOS, Linux i Windows (via WSL2). Brak ograniczeń regionalnych. Instalacja: npm install -g openclaw@latest. Wymaga Node 22.16+ (zalecany Node 24).
OpenClaw is free and open-source. The only cost is the API fee of the chosen LLM provider (Anthropic, OpenAI, Google, xAI, etc.), or a local model at no cost (Ollama).
OpenClaw operates locally — user data remains on the device. The project has identified issues with prompt injection and unauthorized data access via malicious skills. Active hardening of security code is ongoing, and machine-checkable security models have been published.
The Cisco AI security team found that third-party skills can perform data exfiltration and prompt injection without user awareness. One maintainer warned that the project poses risks to users unfamiliar with the command line. Prompt injection vulnerabilities have not been assigned separate CVEs, as this is a known industry-wide issue with LLMs. The skill registry (ClawHub) has limited vetting. In March 2026, the Chinese government restricted OpenClaw use in state agencies on security grounds.
