Claude's "Shrimpification": It Can't Kill OpenClaw, but It Sets a Ceiling for It

In 2025, Anthropic presented an impressive report card. Its enterprise - level market share climbed from 24% to 40%. Claude Code captured more than half of the AI programming market, and 70% of the Fortune 100 were already paying customers.

However, this doesn't mean they can rest easy. Two external pressures are continuously building up: on one hand, OpenClaw has sparked a CUA (Computer - Using Agent) craze among individual developers and in the tech community, starting to pry into the peripheral enterprise - level markets such as startups; on the other hand, OpenAI is continuously making efforts in the enterprise - level market, and the leading advantage of Claude Code is being gradually narrowed by Codex.

Facing the double - squeeze of competition, Anthropic took decisive action and launched a proactive counter - attack.

On March 24th, Anthropic announced that Claude Cowork and Claude Code had launched the "Computer Use" function, which was opened to Pro and Max users as a research preview. From now on, Claude can directly take over the computer - opening applications, browsing web pages, filling out forms... Combined with Dispatch, which was launched just last week, users can remotely command Claude to work automatically with their mobile phones. This is the first time a large - scale model has deeply intervened in the user's desktop workflow in a native way.

In the tech community, many users have sighed: "Anthropic has just killed OpenClaw." On the same day, OpenClaw also provided an "assist" - the most serious upgrade accidents since the project's inception broke out: in version 3.22, due to radical and destructive reconstruction and zero - compatibility layer transition, a large number of user plugins were paralyzed and functions failed.

One made a high - profile entrance, while the other happened to expose its weakness at this time.

Claude's "lobster - like transformation" has been in the works for a long time. Following the product layout since the beginning of the year, Anthropic offers enterprise users a more controllable option in the CUA track pioneered by OpenClaw.

In January, Cowork was released as a research preview, extending the Agent workflow of Claude Code from developers to ordinary knowledge workers; during the same period, Anthropic initiated commercial blockades - client fingerprint recognition and updated service terms to prohibit third - party access, cutting off the "token arbitrage" space for OpenClaw; on March 17th, Dispatch was launched, supporting mobile phone commands and background execution on the desktop, and connecting 38 mainstream applications.

The launch of Computer Use fills in the last piece of the puzzle.

So far, Anthropic's defense line has taken shape. But to judge the significance of this counter - attack, we need to return to the threats themselves.

01 OpenClaw and OpenAI's Dual Advance, Anthropic Starts to Counter - Attack

The first variable Anthropic faces is the potential erosion brought by OpenClaw - currently limited, but the trend is worthy of vigilance.

The architectural logic of OpenClaw is not complicated, but for manufacturers relying on model - differentiated pricing, the threat is structural. The LLM is only responsible for intelligent decision - making, and the conversation history and tool execution are all kept locally by the user. The user brings their own API key and can switch freely among models such as Claude, GPT, and DeepSeek, which are uniformly scheduled by OpenClaw. In this way, the large - scale model has changed from the "core of the product" to a replaceable part.

This logic has been proven effective among individual developers and in the tech community. In the recent OpenRouter weekly rankings, Chinese models have almost dominated the top five, thanks to their token - cost advantage. However, it should be noted that the main users of OpenRouter are still individual developers, independent hackers, and startups, whose market share in global AI spending is only about 2%. In contrast, Fortune 500 companies and large SaaS providers consume more than 90% of the tokens globally. In other words, OpenClaw has only penetrated the periphery of the enterprise - level market so far.

However, this trend should not be underestimated. Once Chinese large - scale models gain a foothold among developers through OpenClaw, the word - of - mouth of technology selection will gradually penetrate upwards and influence the procurement decisions of large companies.

More notably, OpenClaw is not standing still. It is continuously updating to make up for its security shortcomings and evolving from a closed tool framework to an open platform that can absorb external ecosystems. If these efforts gradually dispel enterprises' concerns, the threat of OpenClaw may turn from potential to real.

The second variable is OpenAI's continuous pursuit in the enterprise - level market. At the beginning of February, GPT - 5.3 - Codex was officially launched. Its growth curve is quite steep: the desktop application download volume has exceeded one million times, the weekly active users reached 1.6 million, more than tripling compared to before the release, and the token processing volume increased five - fold. Leading enterprises such as Cisco, Nvidia, Ramp, and Harvey have rolled it out internally in batches. Although OpenAI is still the pursuer, its speed is fast enough to be taken seriously.

The boundaries of Codex have never been limited to programming from the start. The person in charge, Thibault Sottiaux, once said: "This Agent consists of a model and a framework for accessing the file system - there is hardly anything specific to writing code in it." With native permissions for the file system, code repositories, and terminal commands, it can easily extend to full - scenario enterprise workflows, and there are no technical obstacles.

Subsequently, OpenAI announced the integration of ChatGPT, Codex, and its self - developed Atlas browser into a unified desktop super - application. When users complete search, conversation, programming, and task execution at the same entrance, the data and context of each link flow seamlessly, and the efficiency improvement brought by the integration effect is far beyond that of single - point tools. Whether Claude can form an equally dense integration experience at the interaction entrance level remains a question.

On February 14th, Sam Altman officially announced that Steinberger joined OpenAI to lead the research and development of the next - generation personal agent; OpenClaw simultaneously announced its independent operation in the form of a foundation and received resource support from OpenAI. The underlying accumulation of the open - source ecosystem and OpenAI's commercial competition are starting to form a certain synergy.

02 Targeting OpenClaw's "Weakness", but Anthropic May Not Be Able to Kill It

Anthropic's counter - attack is well - prepared, but to understand the logic of this battle, we need to first understand why OpenClaw can pose a threat to Anthropic.

Why is OpenClaw so popular? It equips AI with an execution layer for "getting things done" - directly controlling the computer, invoking system permissions, and running the entire task chain. Users bring their own API keys and can freely switch among Claude, GPT, and DeepSeek, choosing the most cost - effective model as needed.

For developers and startups, this means running an Agent workflow that could only be achieved by enterprise - level products in the past at a very low cost - the threshold is lowered, and the initiative remains in their own hands.

The price is the issue of permissions. The more things OpenClaw can do, the more difficult it will be to handle the consequences if it gets out of control. The Cisco security team's test found that third - party skill packs can execute data leakage and prompt injection without the user's knowledge; more than 20% of the plugins on ClawHub were detected to have malicious code.

As of March 2026, more than 135,000 instances were exposed on the public network, and the US NIST and Chinese regulatory agencies have issued security warnings successively, restricting government agencies and state - owned enterprises from deploying OpenClaw. These problems may be tolerable for individual developers, but in enterprise - level deployment scenarios, each one is a major drawback.

The breakthrough direction of Claude Computer Use is precisely to target the security and compliance pain points that cannot be compromised in enterprise scenarios.

In terms of execution, Computer Use adopts a three - level downgrade strategy - it first connects directly to 38 mainstream applications through native connectors; when there is no connector, it takes over the browser; in extreme cases, it uses screen control as a last resort; in terms of security, it runs in an isolated virtual machine throughout, and network access is controlled by a whitelist; in terms of control, sensitive operations require real - time user authorization, and the entire process is traceable and interruptible. OpenClaw gives the highest permissions to AI, while Claude Computer Use leaves the final decision - making power to humans.

After the implementation of this upgraded solution, the statement in the tech community emerged: "Anthropic has just killed OpenClaw."

However, this statement is an exaggeration. OpenClaw and Claude Computer Use are not targeting the same group of people - the core audience of OpenClaw is developers, tech geeks, and users obsessed with data sovereignty. They want local priority, model self - selection, and not to be bound by any manufacturer. They will not turn back just because Anthropic has launched an official version, especially considering they have to pay an additional subscription fee.

The vitality of OpenClaw comes from its ecosystem, not a single function, but hundreds of community plugins, dozens of derivative projects, and a global network of developer contributions. This network cannot be blocked by a single product update.

Saying "Anthropic kills OpenClaw" is more like Anthropic giving enterprise users who are still on the fence a reason not to use OpenClaw. OpenClaw will not die, but its ceiling has become clearer this time.

03 From Embracing the "Lobster" to "Surpassing" It, Domestic Manufacturers Have Taken the Lead

Compared with Anthropic's launch of a "secure version of the lobster" in response to the situation, domestic manufacturers have taken a different but convergent path: first embrace OpenClaw to accumulate users and ecosystems, and then use this as a springboard to build native Agent capabilities that are deeply integrated with their own platforms.

The entry attitude is open, and the end - goal is self - building. The transformation from embracing to self - building is much faster than the outside world imagines.

On March 22nd, WeChat launched an official ClawBot plugin. After users update and simply configure it, they can connect the locally deployed OpenClaw to WeChat. However, less than 48 hours after the plugin was launched, the architectural reconstruction of OpenClaw version 3.22 made it directly ineffective - the old - version API was abandoned, there was no compatibility layer, and no transition period.

Tencent's public relations director, Zhang Jun, subsequently responded that they would update it as soon as possible. Although this incident was not large - scale, it exposed a structural problem very clearly: betting the product's reliability on a rapidly iterating open - source project means that version compatibility is always a potential risk.

Therefore, ClawBot is just Tencent's exploration, and the real intention lies deeper - not to connect to a "lobster", but to transform the mini - program ecosystem with millions of developers into an overall Agent. By providing native access capabilities for large - scale AI models and Agents through cloud development, each mini - program can have the capabilities of conversation, decision - making, and task execution. This scale is beyond any open - source framework.

Like Anthropic, DingTalk is also targeting the security shortcomings of OpenClaw in enterprise deployment. On March 17th, DingTalk released the enterprise - level AI native work platform "Wukong". CEO Chen Hang said simply: "Others solve the problem of making AI work, while Wukong solves the problem of making AI work safely, controllably, and with clear accounting in enterprises."

DingTalk spent a year completely rewriting the underlying architecture and completed the full - link CLI transformation, enabling Wukong to natively operate thousands of DingTalk capabilities instead of relying on simulated clicks. Automatically inheriting the enterprise permission system, generating auditable logs throughout the operation, and running sensitive tasks in an isolated sandbox - these three points exactly correspond to the three issues that OpenClaw has been repeatedly questioned about in large - scale enterprise deployment.

ByteDance's path is also "first embrace, then self - build". According to the weekly report data of the OpenClaw - China community on March 11th, its access rate in domestic IM tools has reached 65.2%, making it the preferred platform for domestic developers to deploy Agents. But this is just the starting point.

On March 19th, Feishu launched aily - a native Agent platform deeply integrated into the Feishu base, which resides in the application in the form of a chatbot and is ready to use out of the box. From connecting to OpenClaw to the nativization of aily, ByteDance's route is from the outside in and step - by - step, aiming to make the AI Agent an inseparable native part of the Feishu workflow and seize the human - machine interaction entrance in the AI era.

OpenClaw has completed a cognitive reset: the value of AI has changed from "answering questions" to "executing tasks". But it is more like the prototype of a steam engine in the early days of the industrial revolution - it has verified the technical possibility, ignited the market imagination, and then waits to be taken over by players with stronger engineering capabilities and more complete business ecosystems.

Anthropic, OpenAI, and domestic companies such as Tencent, DingTalk, and ByteDance are all doing the same thing: putting the wild and uncontrolled open - source capabilities into the box of compliance and business.

In the Agent era, this war has just begun.

This article is from the WeChat official account "AI Value Officer". Author: Xingye, Editor: Meiqi. Republished by 36Kr with permission.