
Cybersecurity Alert: Important information on the security risks of popular AI assistants like OpenClaw

In light of the growing popularity and interest in the AI agent OpenClaw, we are issuing this guidance to ensure our staff and students can explore this technology safely and responsibly.

What is OpenClaw?

OpenClaw is a powerful, open-source AI agent that you can run on your own computer. Unlike a simple chatbot, it can be given "skills" to perform tasks on your behalf, such as managing files, sending emails, running code, and integrating with messaging apps like WhatsApp and Telegram. This power to "do things" makes it a fascinating tool for automation and productivity, but also introduces significant security risks.

Understanding the Risks

It is crucial to understand that OpenClaw is not a standard application. It operates with deep access to your system and any data or accounts it is connected to. The primary risks include:

  • Data and Credential Theft: If compromised, OpenClaw could expose your personal data, research files, passwords, and API keys. Malicious actors are actively targeting OpenClaw's configuration files.
  • System Compromise: The agent could be tricked into downloading and running malicious software, giving an attacker control over your computer.
  • Malicious "Skills": The add-on "skills" that extend OpenClaw's capabilities can be created by anyone, and some have been found to contain malware designed to steal information or create backdoors.
  • Unpredictable Behaviour: The AI may misinterpret your instructions, leading to accidental data deletion or other unintended actions.
  • Prompt Injection: Attackers can hide malicious commands in websites or documents. When the agent processes this content, it may execute the hidden commands without your knowledge.

Guidance for Students

We recognize the immense educational value in experimenting with cutting-edge tools like OpenClaw. To do so safely, you must treat it as a high-risk experiment and isolate it completely from your personal and academic life.

Think of it as a lab experiment: you wouldn't mix unknown chemicals on your personal desk, and you shouldn't run an experimental AI agent in your main digital environment. Please follow the Guidelines for Safe Use.

Guidance for Staff and Faculty

Given the sensitivity of university data, including research, student records, and administrative information, the risks associated with OpenClaw are significantly elevated.

Policy and Recommendations

  • Strong Caution on University-Managed Devices: Installation of OpenClaw on any university-managed computer is strongly discouraged. The tool currently lacks robust security controls required for an enterprise environment and could expose university systems to unacceptable risk. Do not install unless you are absolutely sure you can operate it in a completely safe and isolated manner.
  • Prohibited for University Work: Do not use OpenClaw to access, process, or manage any university data, including research data, student information, financial records, and institutional emails. Connecting the agent to these resources creates a potential security vulnerability.
  • For Research Purposes: If there is a specific research need to evaluate OpenClaw, follow the Guidelines for Safe Use below.


Guidelines for Safe Use

Things To Do | Things To Avoid
Verify downloads. Only download OpenClaw (and any related tools) from the official, verified source. | Do not install from random links. Be wary of downloads promoted via search results or social media.
Use a dedicated, isolated environment. Run inside a virtual machine (VM) or container (e.g., Docker) separate from your main operating system. Treat this environment as disposable. | Do not install OpenClaw on your primary laptop or PC.
Use separate, non-privileged accounts. Create new, dedicated accounts (e.g., a new email address or GitHub account) solely for OpenClaw experiments. | Do not connect OpenClaw to your university accounts, personal email, social media, or any account containing sensitive information.
Work only with non-sensitive data. Keep the assistant scoped to non-sensitive resources and disposable test accounts. | Do not give OpenClaw access to course assignments (students), university data (staff), passwords, or sensitive personal/financial accounts.
Only install “skills” from trusted sources. Prefer official or well-known community-vetted collections. | Do not install “skills” from untrusted sources.
Grant least privilege. Only grant the minimum permissions required for a specific task. | Do not run as administrator/root. Avoid broad permissions “for convenience.”
Keep software updated. Always run the latest, patched version of OpenClaw and its dependencies. | Do not stay on old versions. Avoid running unpatched releases with known vulnerabilities.
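
The isolation, disposable-environment and least-privilege rows above can be checked before a container is started. The following Python check is an added example, not part of the original advisory or of OpenClaw itself; the image name example/agent:latest, the sample commands and the list of sensitive host paths are assumptions.

```python
import shlex

# Host locations an experimental agent should never see (assumed list, extend as needed).
SENSITIVE = ("/home", "/Users", "/root", "/etc", "/var/run/docker.sock", "~", "$HOME")

def _pairs(command):
    """Tokenize and pair each token with the one after it; --opt=value is split first."""
    flat = []
    for tok in shlex.split(command):
        flat.extend(tok.split("=", 1) if tok.startswith("--") and "=" in tok else [tok])
    return list(zip(flat, flat[1:] + [""]))

def _bind_source(flag, value):
    """Return the host path of a bind mount, or None for named volumes and tmpfs."""
    if flag in ("-v", "--volume"):
        src = value.split(":", 1)[0]
        return src if src[:1] in ("/", "~", "$") else None
    fields = dict(f.split("=", 1) for f in value.split(",") if "=" in f)
    if fields.get("type") == "bind":
        return fields.get("source") or fields.get("src")
    return None

def audit_docker_run(command):
    """Return the guideline violations found in a `docker run` command line."""
    pairs = _pairs(command)
    flags = {f for f, _ in pairs}
    findings = []
    if "--privileged" in flags:
        findings.append("privileged container")
    if "--rm" not in flags:
        findings.append("not disposable (no --rm)")
    user = next((v for f, v in pairs if f in ("-u", "--user")), "")
    if user.split(":")[0] in ("", "0", "root"):
        findings.append("no explicit non-root --user")
    if not any(f == "--cap-drop" and v.upper() == "ALL" for f, v in pairs):
        findings.append("capabilities not dropped (--cap-drop ALL)")
    for f, v in pairs:
        if f in ("--network", "--net") and v == "host":
            findings.append("shares host network")
        if f in ("-v", "--volume", "--mount"):
            src = _bind_source(f, v)
            if src and (src == "/" or src.startswith(SENSITIVE)):
                findings.append(f"host path exposed: {src}")
    return findings

# Constructed sample commands; "example/agent:latest" is a placeholder image name.
RISKY = "docker run --privileged --net=host -v $HOME:/work example/agent:latest"
SAFER = ("docker run --rm --user 1000:1000 --cap-drop=ALL --read-only "
         "--security-opt no-new-privileges -v agent-scratch:/work example/agent:latest")
```

audit_docker_run(RISKY) reports six findings, while audit_docker_run(SAFER) returns an empty list because the container is disposable, non-root, capability-free and uses only a named scratch volume.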


We encourage a culture of innovation, but it must be balanced with our collective responsibility to protect the university's data and systems. The security posture of OpenClaw is still maturing, and we advise a highly cautious approach.

Should you have any questions, please do not hesitate to contact our ITSO Service Desk.

Support

General Enquiries: cchelp@ust.hk
Suggestions & Complaints: cclisten@ust.hk
Serviceline: +852-2358-6200