Microsoft is developing an enterprise-grade alternative to OpenClaw, the popular open-source AI agent that runs locally on users' computers, according to reporting from The Information and confirmed to TechCrunch. The move highlights a growing tension in the AI agent ecosystem: OpenClaw's power and flexibility come with significant security vulnerabilities that large organizations simply cannot tolerate. Rather than adopting the existing open-source tool, Microsoft is building its own version with stronger security controls, suggesting that the future of agentic AI (AI systems designed to take autonomous actions on behalf of users) may depend less on open-source standardization and more on proprietary, enterprise-focused solutions .

The new agent would integrate into Microsoft 365 Copilot, the company's existing AI assistant for enterprise customers. Unlike OpenClaw, which runs directly on a user's local hardware, Microsoft's version would likely operate with enhanced governance and security oversight. A Microsoft spokesperson confirmed to TechCrunch that the company is "continuously experimenting as we bring broader orchestration and autonomy to our enterprise and consumer AI experiences while staying anchored in security, governance, and trust" .

Why Is Microsoft Building Yet Another Agent Tool?

Microsoft has announced multiple agent-based tools in recent months, creating what some observers might see as redundancy. In March, the company introduced Copilot Cowork, designed to take actions directly within Microsoft 365 applications rather than simply providing search results or chat responses. Cowork is powered by "Work IQ," an intelligence layer that personalizes the agent's behavior across Microsoft 365 apps and is backed by Anthropic's Claude language model. In February, Microsoft also released Copilot Tasks in preview, an agent designed to handle multistep tasks ranging from email organization to travel planning .

Both Cowork and Tasks run in the cloud, not on local hardware. The new OpenClaw-like agent would differ in a fundamental way: it would be designed to run continuously, taking actions at any time without requiring explicit user prompts. This "always-on" capability is central to what makes OpenClaw appealing to users, but it's also what makes it risky from a security perspective. By building its own version, Microsoft can offer that continuous autonomy while maintaining the security controls that enterprises demand .

What Makes OpenClaw So Popular, and Why Is It So Risky?

OpenClaw has become surprisingly popular among AI enthusiasts and developers, so much so that Mac Mini computers, the preferred hardware for running OpenClaw locally, have been selling at unusually high rates. The tool's appeal lies in its flexibility: it can run on a user's own machine, work with multiple AI models, and perform complex, multistep tasks autonomously. However, this same flexibility creates security vulnerabilities. An agent running locally with broad access to a user's system can potentially be exploited or misused in ways that cloud-based alternatives can prevent .

For enterprise customers, these risks are unacceptable. Companies need visibility into what their AI agents are doing, the ability to audit actions, and mechanisms to prevent unauthorized access or data exfiltration. OpenClaw's open-source nature and local-execution model make these safeguards difficult to implement at scale. Microsoft's enterprise-focused alternative would address these concerns by design .

How Microsoft Plans to Differentiate Its Agent Strategy

• Security and Governance: Microsoft's version will include stronger security controls and governance mechanisms than the open-source OpenClaw, making it suitable for enterprise deployment where compliance and risk management are critical.
• Integration with Existing Tools: The new agent will integrate into Microsoft 365 Copilot, allowing enterprises to manage AI agents within their existing productivity ecosystem rather than adopting a separate tool.
• Continuous Autonomy: Like OpenClaw, the agent would be designed to work continuously and take actions without constant user prompts, reducing friction in daily workflows.
• Personalization Layer: The agent would leverage Microsoft's "Work IQ" technology to personalize behavior across Microsoft 365 applications, learning user preferences and patterns over time.

Microsoft is expected to showcase this new agent, or an upgraded version of one of its existing agentic tools, at its Microsoft Build conference in June, according to The Verge .

What Does This Mean for the Broader AI Agent Ecosystem?

Microsoft's move reflects a larger pattern in enterprise AI adoption: while open-source tools like OpenClaw drive innovation and experimentation, organizations ultimately need proprietary solutions that offer security, support, and accountability. The company's willingness to build multiple agent tools suggests that there is no single "right" approach to agentic AI. Instead, different use cases and customer segments require different architectures .

For developers and organizations considering which agent framework to adopt, Microsoft's strategy offers a clear signal: the future likely belongs to vendors who can balance autonomy and power with security and governance. OpenClaw will continue to appeal to individual users and researchers willing to accept security trade-offs for flexibility. But for enterprises managing sensitive data and complex workflows, purpose-built alternatives with built-in safeguards will become the default choice.

The real question is not whether OpenClaw-like agents are useful, but whether the open-source model can adequately address the security and governance requirements that large organizations demand. Microsoft's answer appears to be no, which is why the company is building its own version rather than simply endorsing or integrating OpenClaw directly.

" }