Minghui Xu

Open-source code agents like OpenClaw are sitting ducks for shell command attacks, but a simple human-in-the-loop intervention can dramatically boost their security.

MCP-based AI systems are alarmingly vulnerable to caller identity confusion, allowing unauthorized access to sensitive tools and operations after just one initial authorization.

Embodied AI's failures aren't just LLM or CPS problems; they arise from embodiment itself, where safe-seeming decisions cascade into real-world chaos.

Blockchain could unlock true AI agent autonomy by providing the missing infrastructure for independent economic activity, from identity to payments.