
Two tweets. Same week. Completely opposite conclusions.
Andriy Burkov, a machine learning expert whose textbook has been read by hundreds of thousands of engineers, looked at OpenClaw and posted two words and two numbers: "2% substance, 98% hype." Eight hundred and fifty-one people hit the like button.
Meanwhile, 89 indie hackers using OpenClaw to run actual businesses reported their numbers. Sixty-seven percent were generating revenue. A third had crossed four figures monthly. The median time to set up an agent-powered business? Three point two hours.
So which is it? A hype bubble wrapped around an empty shell, or a genuine platform that people are making real money with?
We have been tracking OpenClaw since January. We wrote about what it is when most people were just hearing the name. We covered the security vulnerabilities when the rest of the internet was posting demo screenshots. We analyzed the $28/month company built on the platform. We covered Karpathy calling it a vibe coded monster.
We have seen both sides. Here is what we actually think.
The Case for OpenClaw: Real Money, Real Growth
Let's start with the evidence that matters most to a business owner. Not GitHub stars. Not Twitter impressions. Revenue.
Those 89 indie hackers are not hypothetical. They are people building real things — customer support agents, content pipelines, competitor monitors, lead qualification systems — and charging clients for them. The survey identified 10 distinct agent business model types. The median setup complexity was 3.2 hours. Not 3.2 weeks. Hours.
That tracks with what we have seen ourselves. The gap between "I have an idea for an AI-powered service" and "I have a working prototype" has collapsed. Tools like OpenClaw bring the setup cost close to zero, which means you can test a business idea in an afternoon instead of a quarter.
Greg Isenberg, who has 1.8 million followers and runs a startup studio, said something that got our attention: "Skills are the new APIs." He was talking about ClawHub, the marketplace where developers publish add-on capabilities for OpenClaw. His point was that we are watching a new app store form in real time — one where the apps are not programs you download but capabilities you plug into an AI agent.
He is not wrong. The pattern is real.
The ecosystem is expanding beyond software. VisionClaw brings agent capabilities to physical hardware — cameras, sensors, embedded devices. Unusual Whales, a financial analytics platform, integrated with OpenClaw for automated market analysis. Aight and QuickClaw brought agent functionality to mobile — QuickClaw hit 1,400 downloads on its first day.
This is not vaporware. Products are shipping. People are paying.
The Case Against: A Security Dumpster Fire
Now let's look at the other side. And the other side is ugly.
Andrej Karpathy — former Senior Director of AI at Tesla, founding member of OpenAI, Stanford PhD, one of the five or ten most credible voices in artificial intelligence — looked at OpenClaw's codebase and called it a "400K lines of vibe coded monster." He endorsed Nanoclaw, a stripped-down alternative with just 4,000 lines of clean, human-reviewed code. His tweet got 15,900 likes. We covered his critique in detail.
Karpathy was not making a casual observation. He was saying that the codebase is too large, too AI-generated, and too poorly understood for anyone to secure it properly. Four hundred thousand lines that no single person fully reviewed. That is not a feature. That is an attack surface.
The security record backs him up.
CVE-2026-25253 is a one-click remote code execution vulnerability. In plain English: if OpenClaw is running on your computer and you click a malicious link, an attacker can take control of your machine. One click. Full access. That is as bad as vulnerabilities get.
That was not an isolated incident. Three high-impact CVEs have been disclosed in recent weeks. The Register — a technology publication known for measured reporting — called the situation a "security dumpster fire." Laurie Voss, the founding CTO of npm (the package manager that runs most of the internet's JavaScript), agreed.
And then there is ClawHub. Remember that app store Greg Isenberg was excited about? Koi Security, a research firm, found 341 malicious skills on the platform. Three hundred and forty-one add-ons that look like useful tools but contain code designed to steal data, access accounts, or compromise systems.
Let that math sink in. The marketplace that is supposed to make OpenClaw more useful is also making it more dangerous. Every skill a user installs is a trust decision, and there is no reliable way to verify that trust.
The "Meh" Middle
Between the enthusiasts and the critics, there is a third group. The people who actually tried OpenClaw and found it... fine. Underwhelming. Not terrible, not transformative.
Julian Goldie, a content creator, tested OpenClaw live on camera. His conclusion was blunt: "Meh." The reality of using it did not match the demo videos he had seen. Tasks took longer than expected. Results were less polished. The gap between what OpenClaw looked like in a carefully edited YouTube tutorial and what it did in a real workflow was significant.
This is the experience most people have with most AI tools right now. The demos are electric. The daily usage is decent. The distance between those two things is where the hype lives.
We have seen this pattern before with every technology wave. The early adopters post their best results. The skeptics post their worst experiences. The truth sits in the middle — boring, qualified, full of caveats.
OpenClaw can do real things. It can also frustrate you. Both of those statements are true at the same time.
The Question You Should Actually Be Asking
Here is where most articles about OpenClaw make a wrong turn. They try to answer the question "Should I use OpenClaw?" as if the platform itself is the point.
It is not.
The real question is: should you care about AI agents? And the answer to that question is an unambiguous yes — regardless of what you think about OpenClaw specifically.
AI agents that can handle multi-step tasks across your business tools — answering customer inquiries, monitoring competitors, managing social media, processing invoices, routing service calls — that is where business technology is heading. We wrote about why 2026 is the year of AI agents and the trend has only accelerated since.
OpenClaw happens to be the loudest name in that space right now. But it is one implementation of a much bigger idea. If OpenClaw disappeared tomorrow, the concept of AI agents doing real work for businesses would not disappear with it. Agent Zero, an open-source alternative that runs in Docker isolation with genuine security innovations, has 13,000 stars and a fundamentally different approach to the same problem. Nanoclaw, the project Karpathy endorsed, is building the same capabilities in 4,000 clean lines instead of 400,000 messy ones.
The tool matters less than the category.
A plumber in Asheville does not need to have an opinion about OpenClaw versus Nanoclaw versus Agent Zero. What that plumber needs to understand is that a $30/month AI agent could be answering his phone at 2 AM, scheduling service calls, and sending appointment reminders — while he sleeps. Whether that agent runs on OpenClaw or something else is a technical detail. The business impact is the same.
Our Honest Assessment
We have been watching this space professionally for months. Here is what we think, stated plainly.
The concept is real. AI agents that complete multi-step business tasks are not hype. The revenue numbers from indie hackers are real. The businesses being built on agent platforms are real. The productivity gains are real. This category is going to be enormous.
This implementation has serious problems. OpenClaw's security track record is genuinely alarming. Three critical CVEs in weeks. Hundreds of malicious skills on the official marketplace. A codebase so large and AI-generated that auditing it meaningfully may not be possible. These are not theoretical risks — they are documented, confirmed, and ongoing.
The "2% substance, 98% hype" take is too harsh. Burkov is a serious researcher, but his framing dismisses real revenue being generated by real people. When 67% of users report making money and a third have crossed four figures monthly, calling the entire thing 98% hype does not hold up against the data. It is more like 30% substance, 50% potential, and 20% genuine danger.
The security critics are not wrong. Karpathy, Laurie Voss, The Register — these are not reactionaries looking for attention. Their concerns are specific, documented, and serious. A tool that connects to your email, calendar, messaging apps, and file system needs bulletproof security. OpenClaw does not have that. Not yet.
Speed of growth is not the same as maturity. OpenClaw's growth is real. 145,000+ GitHub stars, an expanding ecosystem, mainstream media coverage, hardware integrations. But fast growth and production readiness are different things. Facebook launched with security holes too. The difference is that Facebook was not running on your computer with access to your bank login.
What You Should Actually Do
If you are a business owner reading this, here is the practical takeaway.
Do not install OpenClaw on any machine with access to business data. We said this in January. We said it when Karpathy weighed in. We are saying it again. The security risks are real, documented, and unresolved. This is not fear — it is risk management.
Do start thinking about which parts of your business an AI agent could handle. What tasks does your team do every day that follow a predictable pattern? Customer inquiries, scheduling, follow-ups, data entry, social media, competitor monitoring. Write them down. Those are your agent candidates. Our guide on building your first AI workflow walks through this step by step.
When you are ready to act, use established tools with security teams behind them. Commercial AI platforms from Anthropic, OpenAI, and Microsoft come with vulnerability response processes, security audits, and accountability. Open-source alternatives will mature — but for anything touching real customer data or real money, use tools built by organizations that have something to lose when things go wrong. Our post on evaluating AI vendors has the specific questions to ask.
Watch the space, but do not rush. The best time to adopt a new technology is not when it is brand new and everyone is excited. It is six to twelve months later, when the security holes have been patched, the documentation has improved, and the people who went first have published what went wrong. We are in the "everyone is excited" phase with OpenClaw. The "ready for your business" phase comes next.
Do not confuse the platform with the trend. OpenClaw might succeed. It might get replaced by something better. Either way, AI agents that automate real business tasks are coming — and the businesses that understand the concept now will adopt faster when the right tool arrives. That conceptual understanding is worth more than any specific platform allegiance.
The Bottom Line
Is OpenClaw 2% substance and 98% hype?
No. The substance is real. People are making real money. Real products are shipping. The ecosystem is growing in directions — hardware, finance, mobile — that indicate genuine utility, not just developer excitement.
But the hype is also real. The demo videos are better than the daily experience. The security situation is genuinely dangerous. The codebase is so large and AI-generated that the people building on it may not fully understand what they are building on.
The truth, as usual, is more boring than either extreme. OpenClaw is an immature but genuinely useful platform with serious security problems, real revenue potential, and an uncertain future. That is not a tweet that gets 851 likes. But it is honest.
The plumber in Asheville does not need to pick a side in this debate. He needs to know that the technology underneath it — AI agents that do real work — is coming for every industry. When it arrives in a form that is secure, reliable, and simple enough to trust with his customer data, it will change how he runs his business.
That day is not today. But it is closer than most people think.
Blue Octopus Technology helps businesses adopt AI tools safely — cutting through the hype to find what actually works. If you want an honest assessment of whether AI agents make sense for your business, let's talk.

