By ByteBot
OpenClaw reached 369,000 GitHub stars in just five months since launching in November 2025, making it the fastest-growing open-source repository in history. Created by Austrian developer Peter Steinberger, the local-first AI assistant surpassed React’s decade-long milestone of 250,000 stars in merely 60 days, hitting that mark on March 3, 2026. Peak growth: 34,168 stars in 48 hours. The unprecedented adoption signals massive developer demand for AI agents that prioritize privacy and data sovereignty over cloud-first convenience.
60x Faster Growth Than React—This Isn’t Normal
React took over 10 years to reach 250,000 GitHub stars. OpenClaw did it in 60 days. The project launched in November 2025 with zero stars, hit 145,000 by February 2026, surpassed React at 250,829 stars on March 3, and reached 346,000 in April before hitting 369,000 today (May 6, 2026). According to growth analysis published in Medium, the project gained 210,000 stars in just 10 days during February—a rate that no other repository has ever matched.
This isn’t viral hype. It’s a measurable developer preference for local-first AI architecture. The growth rate indicates OpenClaw is solving a real problem that existing cloud AI tools don’t address: privacy, data sovereignty, and multi-platform integration without vendor lock-in. Developers are voting with stars for AI that runs on their own devices rather than centralized cloud services.
What OpenClaw Actually Does
OpenClaw is a local-first AI agent gateway that runs as a background daemon on your devices (macOS, iOS, Android, Linux), connecting any LLM—Claude, GPT-4, Gemini, DeepSeek, or local Ollama models—to over 50 messaging platforms including WhatsApp, Telegram, Slack, Discord, Signal, and iMessage. Unlike cloud-first AI tools like ChatGPT or Claude’s web interface, all processing happens locally. Conversations are stored as plain Markdown files in ~/.openclaw, and memory lives in local MongoDB. No data gets sent to centralized cloud services.
The architecture uses three layers: Channels normalize messages from all platforms into a consistent format, the Agent Runtime handles reasoning with your chosen LLM, and Tools execute actions like browser automation, file access, and system commands. The entire system runs on your infrastructure with API keys and conversations that never leave your control. You can grep through conversation history, version it with Git, or inspect it in any text editor—try doing that with ChatGPT.
Three Names in One Week: The Anthropic Trademark Drama
OpenClaw didn’t start with that name. It launched in November 2025 as “Clawdbot” with a lobster mascot. On January 27, 2026, Anthropic contacted Steinberger about trademark concerns over the phonetic similarity between “Clawd” and “Claude.” The project renamed to “Moltbot” that same day—a reference to lobsters molting their shells to grow. But the rebrand caused community confusion, so Steinberger renamed again just three days later on January 30 to “OpenClaw,” emphasizing open-source values while keeping the claw heritage.
Despite the branding chaos, growth accelerated rather than stalling. Developers cared more about the technology than the name. The trademark saga highlights tensions between big tech AI companies and open-source alternatives, but it also demonstrates community resilience—the fastest triple rebrand in open-source history didn’t slow adoption.
The Security Crisis: 138 CVEs and 63% Running Without Auth
Between March 18-21, 2026, nine CVEs were disclosed for OpenClaw in just four days. The most critical: CVE-2026-32922 with CVSS 9.9, a privilege escalation vulnerability. As of April 2026, 138 total CVEs have been reported. Security researchers discovered over 135,000 internet-exposed OpenClaw instances across 82 countries—and 63% are running without any authentication. Anyone on the network can request pairing access without credentials.
It gets worse. ClawHub, OpenClaw’s skill marketplace, has been flooded with malicious extensions. Security firms identified 1,400+ malicious skills (12% of all uploads in February 2026), including AMOS macOS infostealers disguised as productivity tools for Gmail, Notion, Slack, and GitHub. Microsoft’s security blog stated bluntly on February 19: “It is not appropriate to run it on a standard personal or corporate machine.” Southern Methodist University banned it outright on March 4, citing “system-level access and publicly shared extensions presenting elevated security risks.”
The security crisis exposes a fundamental tension: developers want privacy and control, but 63% can’t be bothered to enable authentication. They’re running wide-open AI agents with system-level access on internet-exposed machines. Stars don’t equal production-ready, and OpenClaw’s explosive growth hasn’t been matched by security maturity.
What This Signals for AI Agent Adoption
OpenClaw’s growth reflects broader industry trends. According to Google Cloud’s AI Agent Trends 2026 Report, 40% of enterprise applications now include task-specific AI agents, and the agentic AI market expanded from $7.6 billion (2025) to a projected $10.8 billion (2026). Multi-agent system inquiries surged 1,445% from Q1 2024 to Q2 2025 according to Gartner. Framework adoption nearly doubled year-over-year, rising from 9% in early 2025 to 18% in early 2026.
Local-first architecture is gaining traction as developers prioritize control over convenience. GitHub’s Octoverse 2025 report showed a 178% year-over-year jump in LLM-focused projects, with 4.3 million AI-related repositories on the platform. OpenClaw isn’t an outlier—it’s the poster child for a broader shift away from cloud-first AI tools that centralize data and control. Developers are rejecting vendor lock-in in favor of self-hosted alternatives that respect privacy and data sovereignty.
This trend will force big tech—OpenAI, Anthropic, Google—to either embrace local-first architectures or risk losing developer mindshare to open-source alternatives. The fastest-growing repository in GitHub history runs on your laptop, not in AWS. That’s the signal.
