What CIOs Need To Know About Legal Liability For Rogue AI Agents
When I first heard about OpenClaw, it sounded amazing. Or, at least I thought it sounded amazing. An AI agent that will run your personal life, keeping your inbox and calendar in line? Acting on my behalf overnight, doing the research I need even when I’m not asking for it? But my inner skeptic kicked in pretty loudly: Can I actually trust an AI agent to do all of that?
Security professionals weighed in pretty quickly: You shouldn’t without some meaningful guardrails—and even then, given all of the power the AI agent will have, you might want to think twice. Reddit has also been full of cautionary tales from people who should know better about OpenClaw agents going rogue, deleting data, introducing malware and doing things the user doesn’t want. A new study from enterprise cybersecurity provider Ivanti finds that 77% of cybersecurity professionals are willing to trust AI agents to make decisions without their input, so this isn’t necessarily surprising.
I spoke with Ivanti Chief Legal Counsel Brooke Johnson about it, and she said that CIOs—and everyone else—need to remember that AI agents’ actions have the same legal weight as those of people, which means they carry real liabilities. I talked to her about what CIOs need to consider, and an excerpt from our conversation is later in this newsletter.
This is the published version of Forbes’ CIO newsletter, which offers the latest news for chief innovation officers and other technology-focused leaders.
The Trump administration has backtracked a bit on its stance against any AI regulations. This week, the Commerce Department announced agreements with Google, Microsoft and xAI to allow the government to review new AI models before they are publicly released. The reviews will be done by the Center for AI Standards and Innovation, an agency under Commerce’s National Institute of Standards and Technology.
It’s not clear what these reviews will entail or if the government will require companies to make changes if issues are found. Frontier AI systems have had several well-publicized issues, ranging from OpenAI’s chatbots giving weapon-making instructions to Anthropic’s very tightly controlled Mythos platform, which can find critical cybersecurity vulnerabilities in seconds. In a blog post, Microsoft writes that it expects to be working with CAISI to test AI systems in ways that probe unexpected behaviors, like automobile crash tests.
It’s also unclear if politics will come into this process. Following a high-profile dispute with Anthropic over a Pentagon contract—in which the government rejected limits on how the AI platform could be used—Anthropic has been........
