An open-source AI agent smashed every GitHub record, then triggered what CrowdStrike calls the first major AI agent security crisis. We dig into how a burnt-out Austrian developer built it in one hour on a birthday trip to Marrakesh — and why every security vendor on earth wants it gone.
Topics covered:
- How OpenClaw went from side project to 248K GitHub stars in six weeks
- The plain-text 'soul.md' architecture that gives your AI agent a persistent brain
- Why 93% of exposed instances had zero authentication
- Agent hijacking, wallet-draining malware, and the ClawHub plugin nightmare
- Real-world use cases: autonomous car negotiation, insurance rebuttals, enterprise sales
- Steinberger's move to OpenAI and what it means for open-source agents
Timestamps:
00:00 - Introduction: the GitHub record that broke everything
01:30 - Origin story: Peter Steinberger and founder burnout
04:00 - The trademark scramble: Claude Bot to MoltBot to OpenClaw
05:30 - MoltBook and the viral explosion
07:00 - Architecture deep dive: the gateway, WebSockets, and plain-text memory
10:00 - OpenClaw vs Claude Code: two philosophies of AI agents
12:00 - The security meltdown: 135K exposed instances
14:30 - Agent hijacking, ClawHub malware, and wallet drainers
16:30 - 512 vulnerabilities and time-shifted prompt injection
18:00 - Business use cases and the shadow IT problem
20:00 - Steinberger joins OpenAI: validation or corporate capture?
21:00 - The paradox: digital superpowers vs permanent backdoors
This episode was produced with NotebookLM from research by Claude.
This podcast episode was generated using NotebookLM's audio overview feature. The source material was researched and curated by the host, with AI assistance in audio production.