← Back to stories Close-up of freshly harvested shrimp showcasing the vibrant colors and texture of the seafood.
Photo by ManojMk Brucelee on Pexels
虎嗅 2026-03-10

“Everyone Is Raising Shrimp”: OpenClaw frenzy exposes hype, cost and security gaps

The craze sweeps China — and it looks like a status symbol

A new wave of enthusiasm for OpenClaw — the open‑source, locally deployable personal AI agent (nicknamed “龙虾” online) — has turned into a social fever across the Chinese internet. Volcano Engine (火山引擎) and Tencent (腾讯) recently pushed easy access builds and bundles of integrations that let users run system‑level agents from a browser or a desktop. The promise is seductive: Excel editing, code execution, automated posting to messaging apps, and a “cyber proxy” that can control your OS without cloud roundtrips. So why are so many rushing to install something they barely understand?

Technical promise, painful reality

OpenClaw’s system‑level capabilities and flexible skill system do accelerate agent‑style workflows — but deployment is only the start. Users must build internal skill libraries, craft configuration files, integrate APIs, and perform continual human tuning for anything beyond trivial tasks. It also eats tokens fast; novice users have reportedly exhausted free quotas in hours and run up unexpected bills. Security researchers have raised red flags. It has been reported that a third‑party analysis found roughly 12% of skills on the OpenClaw plugin market contained malicious code, and Cisco Talos warned that credentials are often stored in plain JSON on disk, calling the design “a recipe for disaster.” Cisco’s team has reportedly identified hundreds of thousands of publicly exposed OpenClaw instances and large numbers of leaked API keys tied to providers including Anthropic, OpenAI and AWS.

Corporate and regulatory reactions — and a booming service economy

Enterprises have begun to react. It has been reported that Samsung and SK issued bans on running OpenClaw on corporate devices. Meanwhile, major Chinese platforms — from Tencent to ByteDance (字节跳动) — are packaging their own agent offerings, and a secondary market has sprung up selling one‑click installers, deployment services and paid training. Local governments have reportedly even floated subsidy schemes to support “shrimp‑raising” adoption. The result? A monetized funnel that trades on FOMO: buy an install, buy a course, buy customization. Is the buyer getting productivity or just emotional insurance against being left behind?

What this reveals about AI adoption

The OpenClaw episode highlights a recurring pattern in China’s tech ecosystem: rapid uptake driven more by social signaling and fear of missing out than by clear–measured ROI. With cross‑border API dependencies and security weaknesses, the rush to adopt experimental agents creates real operational and geopolitical risk — at a time when AI data flows and export controls are under heightened scrutiny. For most organizations and individual users, patience and careful evaluation will pay off more than being first to “raise shrimp.”

AI
View original source →