China's MIIT Issues OpenClaw Safety Framework: Six Mandatory Practices and Six Prohibitions
What Happened
A unit of China's Ministry of Industry and Information Technology (MIIT) has released the first structured safety framework specifically targeting OpenClaw deployment. The advisory, developed in collaboration with AI agent providers, vulnerability platform operators, and cybersecurity firms, establishes six recommended practices and six explicit prohibitions for organizations and individuals using the open-source agent platform.
The six recommended practices include using only the official latest version of OpenClaw, minimizing internet exposure of agent instances, granting only minimum necessary permissions, exercising caution with third-party offerings in the skill marketplace, guarding against browser hijacking attacks, and maintaining regular vulnerability patching schedules.
The six prohibited practices warn against using outdated or third-party mirror versions, exposing AI agent instances directly to the public internet, enabling administrator accounts during deployment, installing skill packs that require entering passwords, browsing unverified websites through agent-controlled browsers, and disabling detailed log auditing functions.
Why It Matters
This framework represents a significant shift in how China is approaching the OpenClaw phenomenon. Rather than pursuing the outright ban that some observers expected — especially after the CNCERT security alert issued days earlier — the MIIT has opted for a structured governance approach that acknowledges the technology's value while drawing clear security boundaries. The collaborative development process involving industry stakeholders suggests Beijing is trying to build a regulatory consensus rather than impose top-down mandates on a rapidly evolving technology.
The guidelines also implicitly acknowledge the scale of shadow IT adoption that has characterized OpenClaw's spread in China, where individual employees and teams have been deploying agents without institutional oversight.
What's Next
The framework will likely serve as the template for provincial and municipal implementation guidelines. Organizations operating in regulated sectors — banking, healthcare, critical infrastructure — should expect additional sector-specific requirements. The prohibition against third-party skill packs requiring password entry may accelerate development of enterprise-grade skill marketplaces with centralized vetting and auditing.