CVE-2026-22812 (CVSS 8.8) and CVE-2026-22813 (CVSS 9.4) were disclosed in the open source AI coding agent "OpenCode". Shell commands are executed via XSS of an unauthenticated HTTP server and Markdown renderer. The PoC has been published, with over 220,000 instances exposed online.
Composio publishes security analysis of OpenClaw. Approximately 7.1% of SkillHub-distributed skills were found to have critical vulnerabilities, leaving over 30,000 instances exposed to the internet in the early stages at risk of prompt injection and credential theft.
NVIDIA's NemoClaw protects OpenClaw agents with a four-layer sandbox, while Stripe's Machine Payments Protocol enables payments without handing over private keys to agents. How can I safely charge from within the sandbox?
