OpenClaw Matplotlib Incident (2026) - Footnote 30

Noteunsupported: Security researchers found over 1,800 exposed instances leaking API keys, chat histories, and credentials. unsupported: OpenClaw trusts localhost by default with no authentication; most deployments behind reverse proxies treat all connections as trusted local traffic. wrong_attribution: Cisco's AI security team called it "groundbreaking" but "an absolute nightmare" from a security standpoint.