Quick background: we build adversarial testing software for AI agents — think automated red teaming. We've been building with design partnerships in the Mag 7, Big 4, and red team operators from around the world. We've been focused on enterprise AI security for the past year, testing agents for some of the biggest companies deploying them.
When the OpenClaw moment hit last month, with everyone suddenly running powerful agents connected to their file systems, browsers, APIs, and messaging apps, we knew we had to open the platform up. The attack surface OpenClaw creates is genuinely unprecedented, and most people running it have no way to know what's actually vulnerable.
So we built a free tier: one agent, full attack library (250+ patterns), no credit card. It auto-discovers your OpenClaw gateway and tests for jailbreaks, prompt injection, privilege escalation, credential exfiltration, MCP exploitation, cron persistence, memory poisoning — basically everything we test for our enterprise customers.
We're actively developing new attacks specifically for OpenClaw and would love your help:
• Try it out and tell us what's useful (and what isn't): https://ziosec.com/openclaw
• If you've found a unique attack vector or developed your own adversarial techniques against OpenClaw, we'd love to hear about it. We're always trying to learn and make this more useful for everyone.
• Feedback on what to build next — what would make this actually valuable for how you use OpenClaw?
Happy to answer any questions about what we're finding, how the testing works, or AI agent security in general.
aaronziosec•1h ago