The Pragmatic CTO

The OpenClaw Gold Rush

When the Wrapper Economy Outruns the Security Response

Allan MacGregor 🇨🇦
Feb 13, 2026

On February 3, 2026, The Register called OpenClaw a "security dumpster fire." One day later, the same publication reported that cloud providers were rushing to deliver OpenClaw-as-a-service offerings.

Twenty-four hours apart.

I wrote about OpenClaw's security collapse two weeks ago---nine vulnerability classes, 42,665 exposed instances, and a one-click RCE not patched until January 30. The ecosystem's response to that crisis was not to slow down. It was to accelerate.

Within days of OpenClaw crossing 150,000 GitHub stars, an entire economy of hosting providers, managed services, and "enterprise-ready" wrappers appeared---from cloud giants like Alibaba and DigitalOcean to two-person startups backed by Y Combinator. Gartner's assessment of the underlying product: "It is not enterprise software. There is no promise of quality, no vendor support, no SLA." Their recommendation: "Immediately block OpenClaw downloads and traffic."

The wrapper companies are selling trust around a product that the industry's most cited analyst firm told you to block.

The Ecosystem That Appeared Overnight

Start with the poster child. Klaus, built by a YC-backed startup called Bits, promises a hosted OpenClaw instance set up in three minutes. Two founders. Two employees. Their marketing claims include "malware protection"---undefined, unaudited---and they pre-configure Moltbook integration by default; this is the same Moltbook whose database leaked 1.5 million API keys in January.

Klaus launched while Snyk was still finding that 7.1% of all ClawHub skills leaked credentials; Koi Security was simultaneously cataloging 341 malicious ones.

They are not alone. OpenClawd.ai appeared in late January claiming "security built into the infrastructure layer." MyClaw.ai published a press release on February 5 calling itself "the world's first fully managed" OpenClaw deployment, starting at $9 per month, with "full root-level access" to each instance---marketing the core security risk as a feature. MyClawHost, OpenClaw Host, Kilo Claw, BoostedHost: all appeared within days.

The cloud providers moved just as fast. DigitalOcean added one-click deployment; Alibaba Cloud launched across 19 regions at $4 per month; Tencent Cloud followed with one-click installs for its Lighthouse service.

Then came the picks-and-shovels crowd. One indie hacker reported $3,600 in month one; another closed a five-figure deal by day five. Setup consulting, skill development, templates---the gold rush playbook, executed in real time.

For context: OpenClaw went from 9,000 to 157,000 GitHub stars in 60 days---roughly 1,667 stars per day. Kubernetes took approximately three years to reach 100,000 stars, about 91 per day. OpenClaw's growth rate was 18 times faster. The wrapper ecosystem materialized at a pace that makes Docker's early hosting boom look leisurely.

[Chart: GitHub Star Growth: Daily Average]

The Trust Chain

Walk through the dependency chain that connects these wrapper companies to your enterprise.

  • Link one: Peter Steinberger, a solo developer who builds with what he calls "ambient programming" and has said publicly that he ships code he has never read.

  • Link two: the OpenClaw codebase itself, with nine independent vulnerability classes documented by security researchers and a one-click remote code execution vulnerability that scored 8.8 on the CVSS scale and was not patched until January 30.

  • Link three: ClawHub, the extension marketplace, where between 7% and 20% of all skills were found to be malicious---341 deploying malware, 283 leaking credentials.

  • Link four: a wrapper company that appeared last week, run by a two-person team, with no SOC 2 certification, no published security documentation, and no third-party penetration test.

  • Link five: your enterprise.
