SECURAAI - PROJECT FERAL
PHASE I.5 - THREAT MODEL + ATLAS

OpenClaw Agentic AI Platform
Security Research - PHASE I.5

An independent research initiative mapping OpenClaw's agentic architecture across CSA MAESTRO layers, the OWASP ASI Top 10, and now MITRE ATLAS techniques from 4 confirmed case studies. Phase I.5 adds real-world validation, patch coverage analysis, and hardening guidance.

MITRE ATLAS Source: OpenClaw Investigation Report 26-00176-1 (Feb 9, 2026) - atlas.mitre.org
Critical: 3
High: 4
Medium: 3
Validated: 7
MITRE Cases: 4

About This Research

Project Feral analyzes OpenClaw as a real-world "privileged control plane" (agents + tools + memory + integrations), not a simple chatbot.

Phase I.5 integrates MITRE ATLAS intelligence from 4 confirmed incidents (Jan-Feb 2026): exposed control interfaces, poisoned skill supply chain, one-click RCE (CVE-2026-25253), and C2 via indirect prompt injection.

Threats Identified: 10 (OC-T01 - OC-T10)
Real-World Validated: 7 of 10 threats
MITRE Case Studies: 4 (AML.CS0048-51)
Patch Coverage: 2 significant, 8 partial

Phase I.5 Additions

This update adds MITRE ATLAS TTP mapping, delta analysis against OpenClaw patches (v2026.2.12-2.13), and implementation-ready hardening configurations.

New Framework: MITRE ATLAS TTPs
Severity Changes: T05 up, T03 down
Hardening Guide: P0/P1/P2 configs

Key Incidents Validated

CVE-2026-25253: One-Click RCE (CVSS 8.8) - Patched
ClawHavoc Campaign: 335 malicious skills - Active
Exposed Instances: 135,000+ internet-facing
Infostealer Targeting: Config files actively harvested

Research Notice

Published for educational and community benefit. Not affiliated with OpenClaw maintainers. MITRE ATLAS intelligence sourced from Report 26-00176-1 (Feb 9, 2026).