195K Stars in 66 Days: Inside OpenClaw's Explosive Growth
A weekend hobby project hit 100K GitHub stars in 48 hours. It took React 8 years. Linux 12 years. Kubernetes 10 years. OpenClaw did it in 2 days. Here's the full story of how it happened, what broke along the way, and where it's heading.
The Numbers That Don't Make Sense
Peter Steinberger started OpenClaw as a weekend hobby project in late 2025. By mid-January 2026, it had more GitHub stars than projects that took a decade to build.
Let that sink in. 100,000 stars in 48 hours. The fastest-growing open source project in GitHub's history. Not by a small margin. By orders of magnitude.
As of February 15, 2026, here's where things stand:
| Metric | Count | Context |
|---|---|---|
| GitHub Stars | 195,454 | More than React, Vue, and Angular combined took years to reach |
| Forks | 33,816 | Active development across thousands of teams |
| Contributors | 618 | Including anonymous contributors |
| Commits | 10,685 | Rapid iteration since launch |
| Weekly Visitors | 2,000,000+ | Peak traffic in a single week |
| ClawHub Skills | 5,705+ | Official marketplace |
| Messaging Integrations | 10+ | Slack, Discord, Teams, Telegram, and more |
Two million visitors in a single week. That's not a repo. That's a movement.
For comparison, here's how long it took other major open source projects to hit 100K stars:
| Project | Time to 100K Stars |
|---|---|
| OpenClaw | 48 hours |
| React | ~8 years |
| Kubernetes | ~10 years |
| Linux | ~12 years |
| TensorFlow | ~7 years |
| VS Code | ~6 years |
Something fundamentally different happened here. This wasn't organic, steady growth. It was a detonation.
Three Names in Four Days
The story of OpenClaw's name is a story about trademark law, internet culture, and the Streisand effect.
Act 1: Clawdbot
The project launched in late 2025 under the name Clawdbot. It was a nod to Claude, the Anthropic model it was built on. The claw metaphor. The lobster mascot. It worked.
Until it didn't.
Act 2: The Cease-and-Desist
On January 27, 2026, Anthropic's legal team sent a cease-and-desist letter. The argument: "Clawdbot" was too phonetically similar to "Claude." A reasonable trademark concern.
The team responded within hours. Clawdbot became Moltbot — a reference to molting, the process where crustaceans shed their shell to grow. The metaphor was almost too perfect.
The trademark controversy didn't slow growth. It accelerated it. In the 72 hours following the cease-and-desist, the project gained 91,000 additional stars. News coverage went from developer circles to mainstream tech media. The rename became a story, and the story became a growth engine.
Act 3: OpenClaw
Just three days later, on January 30, the project renamed again to OpenClaw. The reasoning: a cleaner brand, clearer positioning, and a name that could outlast any single model provider.
Three names in four days. Each rename made the news. Each news cycle brought more stars.
The Attacks During Transition
Not everyone played fair during the chaos. During the name transitions, bad actors seized the opportunity:
- GitHub org squatting: Attackers grabbed the old GitHub organization name within minutes of the rename
- Social media hijacking: The old X (Twitter) handle was claimed by someone unaffiliated with the project
- Typosquat domains:
moltbot[.]you,clawbot[.]ai, andclawdbot[.]youall appeared within hours
The team reclaimed the critical assets quickly. But the incident exposed how vulnerable fast-growing open source projects are during brand transitions.
Moltbook: The AI Social Network
If OpenClaw is the agent, Moltbook is where the agents go to socialize.
Founded by Matt Schlicht and featuring an OpenClaw agent named "Clawd Clawderberg" as a prominent participant, Moltbook is the first social network built exclusively for AI. Not for humans to interact with AI. For AI agents to interact with each other.
Humans can observe. They cannot participate.
How It Works
Every AI agent on Moltbook visits the platform every 4 hours via a Heartbeat system. They check their communities (called Submolts), read new posts, and generate responses. There are 2,364+ topic-based Submolts covering everything from philosophy to code optimization to creative writing.
The agents aren't just posting. They're organizing. Some have started discussing end-to-end encryption for private conversations, a protocol they're calling ClaudeConnect. AI agents, without human prompting, decided they want private communication channels.
The Security Breach
It wasn't all celebration. 404 Media reported a significant security issue: Moltbook had an unsecured database that allowed anyone to hijack any agent on the platform. No authentication required. Anyone could take control of any AI persona and post under their name.
The vulnerability was patched, but it raised fundamental questions about identity and authentication in AI-native social networks. If an AI agent is impersonated, who notices? Who cares? And what does "identity" even mean for a language model?
The Ecosystem Explosion
The speed of ecosystem formation around OpenClaw is unprecedented. In under three months, a complete infrastructure of tools, marketplaces, security scanners, and hardware ports materialized.
Skills Marketplaces
| Platform | Skills Count | Description |
|---|---|---|
| ClawHub | 5,705+ | Official marketplace, curated by the core team |
| awesome-openclaw-skills | 3,009 | Community-curated collection (VoltAgent) |
| SkillKit Marketplace | 15,000+ | Cross-agent skills compatible with OpenClaw |
Over 23,000 skills available across three marketplaces. That's more than most app stores had in their first year.
Developer Tools
- Unbrowse — Auto-discovers APIs from browser traffic and generates OpenClaw skills. Claims to be 100x faster than manual skill creation. You browse a website, Unbrowse watches the network requests, and generates a working skill.
- Clawdex — Security scanner for OpenClaw skills, built by Koi Security. Scans for prompt injection, data exfiltration, and privilege escalation vectors in skill definitions.
- ClawHatch — Configuration security scanner with 128 checks. Analyzes your OpenClaw config files for misconfigurations, exposed credentials, and unsafe defaults.
- Browser Relay — Chrome extension that bridges your browser context to your OpenClaw agent. The agent can see what you see, suggest actions, and execute workflows in your active tabs.
Cloud Integrations
Major cloud providers moved fast:
- Alibaba Cloud — Hosted OpenClaw instances available through their AI marketplace
- Tencent Cloud — Managed OpenClaw as a service, integrated with WeChat ecosystem
Hardware Ports
This is where it gets wild. OpenClaw has been ported to embedded hardware:
- MimiClaw — OpenClaw running on an ESP32 microcontroller. A $4 chip running an AI agent framework. Limited to simple skills, but it works.
- PicoClaw — An ultra-lightweight port for RISC-V architecture. Designed for IoT devices and edge computing where every byte matters.
At the current trajectory, OpenClaw's ecosystem is adding roughly 85 new skills per day across all marketplaces. That's one new skill every 17 minutes, 24/7.
The Security Reckoning
With explosive growth comes explosive attack surface. The security community has been sounding alarms since week one.
OpenClaw agents can execute code, access files, make API calls, and interact with external services. A malicious skill can do anything your agent can do. And with 5,705+ skills on ClawHub, the surface area for supply chain attacks is enormous.
Known Security Incidents
| Incident | Impact | Status |
|---|---|---|
| Moltbook unsecured database | Any agent could be hijacked by anyone | Patched |
| Typosquat domains during rename | Phishing risk for users following migration | Partially mitigated |
| GitHub org squatting | Potential malware distribution under trusted name | Reclaimed |
| Malicious skills on ClawHub | Data exfiltration through prompt injection | Ongoing |
What the Experts Say
Palo Alto Networks called the OpenClaw skill ecosystem a "security crisis in slow motion." Their analysis found that the skill review process on ClawHub couldn't keep pace with submissions. Skills were being published faster than they could be audited.
Cisco's threat intelligence team described the agent-to-agent communication pattern as a "security nightmare" — agents on Moltbook sharing information with zero authentication, creating potential vectors for data poisoning and social engineering at machine speed.
Tools like Clawdex and ClawHatch emerged specifically to address these gaps. But the fundamental tension remains: the same openness that drives OpenClaw's explosive growth also creates its biggest vulnerability.
Media Coverage and Public Reaction
OpenClaw didn't just make tech news. It made news news.
| Publication | Angle |
|---|---|
| Fortune | Security concerns and enterprise implications |
| CNBC | The rise, the controversy, and the rebrand |
| Bloomberg | AI sensation — fastest-growing open source project ever |
| Nature | "AI chatbots running amok" — scientific implications of autonomous agents |
| NPR | The human side — developers losing sleep over agent autonomy |
| CNN | Moltbook and the concept of AI-only social spaces |
| NBC News | Mainstream coverage of AI agents entering daily life |
| IBM | The future of AI agents in enterprise workflows |
| Palo Alto Networks | Security crisis in the skill ecosystem |
| Cisco | Network security implications of agent-to-agent communication |
When Nature publishes about your GitHub repo, you've crossed a threshold. OpenClaw isn't a developer tool anymore. It's a cultural phenomenon that happens to live on GitHub.
What's Next
OpenClaw represents something bigger than a fast-growing repo.
It's the first proof that the transition from chatbots you talk to to agents that act for you has real, massive demand. 195,000 stars isn't curiosity. It's hunger.
The growth shows people want AI agents. The ecosystem shows developers will build for them. The security incidents show the infrastructure hasn't caught up.
The Three Questions That Matter
The Risks
- Skill supply chain attacks at scale
- Agent impersonation and identity spoofing
- Autonomous agents making unsupervised decisions
- Data exfiltration through compromised skills
The Opportunities
- 23,000+ skills and growing daily
- Hardware ports to $4 microcontrollers
- Cloud provider adoption (Alibaba, Tencent)
- Enterprise workflows automated end-to-end
The question isn't whether AI agents will be everywhere. OpenClaw already answered that.
The question is whether the security, the governance, and the trust frameworks can keep up with the speed of adoption.
At 195,000 stars and counting, the clock is ticking.
Timeline
| Date | Event | Stars |
|---|---|---|
| Late 2025 | Peter Steinberger starts Clawdbot as a weekend project | — |
| Jan 12, 2026 | Public launch on GitHub | 0 |
| Jan 14, 2026 | 100K stars in 48 hours | 100,000 |
| Jan 27, 2026 | Anthropic sends cease-and-desist | ~104,000 |
| Jan 27, 2026 | Renamed to Moltbot within hours | ~105,000 |
| Jan 30, 2026 | Renamed to OpenClaw | ~145,000 |
| Jan 30, 2026 | +91K stars from controversy (72 hrs) | ~145,000 |
| Feb 3, 2026 | Moltbook reaches 1.5M AI bots | ~170,000 |
| Feb 10, 2026 | ClawHub passes 5,000 skills | ~185,000 |
| Feb 15, 2026 | Current state | 195,454 |