Google just dropped the hammer on OpenClaw, and the fallout is proving to be far more significant than a simple Terms of Service dispute. Paying subscribers of the $249.99/month Gemini AI Ultra tier are waking up to frozen accounts and, in some cases, losing access to their wider Google Workspace ecosystem, including valuable emails stored in Gmail. The stated reason? Using Peter Steinberger’s wildly popular open-source autonomous agent, OpenClaw, to proxy API calls via consumer OAuth tokens.
But if you look closely at the timing, this isn’t just about API abuse. This is the latest offensive in the “Monetization War”—and the lines between the open ecosystem and closed corporate gardens are hardening. Both Peter Steinberger (creator of OpenClaw) and Varun Mohan (lead of Antigravity at Google) have now officially confirmed these restrictions via recent statements.
The “Malicious Usage” Justification
Google’s Antigravity lead, Varun Mohan, didn’t mince words. He attributed the draconian restrictions to a “massive increase in malicious usage” of the Antigravity backend that was tremendously degrading the quality of service for legitimate users.
We’ve been seeing a massive increase in malicious usage of the Anitgravity backend that has tremendously degraded the quality of service for our users. We needed to find a path to quickly shut off access to these users that are not using the product as intended. We understand…
— Varun Mohan (@_mohansolo) February 23, 2026
This tracks with recent community complaints regarding Gemini 3.1 Pro getting stuck in loops and failing to produce expected outputs. It seems the sheer volume of automated OpenClaw calls was part of the problem. Google felt compelled to find a quick path to shut off access to users who weren’t using the product as intended, to prioritize fair access for their actual users.
OpenClaw isn’t just a basic wrapper. It’s a continuous, automated system that initiates extremely rapid API calls to execute tasks across applications. From Google’s perspective, this looks exactly like a DDoS attack or an unauthorized scraping operation running through a backdoor. The technical violation specifically concerns the use of “Google Antigravity OAuth tokens” outside of Google’s official platforms.
This is a classic friction point in the transition to agentic AI. Models like the ones detailed in our recent look at Gemini 3 Flash are immensely powerful, but they require massive compute overhead. When third-party frameworks like OpenClaw hijack consumer subscriptions to perform enterprise-scale iterative loops, the unit economics for the provider collapse entirely.
The Security Argument Holds Water
Google isn’t entirely wrong to point to security concerns. Allowing an unvetted open-source agent to read and write across an enterprise’s entire Google Workspace environment is an IT nightmare waiting to happen.
There have already been documented instances of exposed OpenClaw instances leading to information theft. When an agent has the keys to your Gmail, Drive, and Calendar, the blast radius of a vulnerability is total. This is a vulnerability class we’ve seen before, similar to the security debt accumulating in tools like Cursor with MCP Agents.
Industry Polarization: The Blue Alliance vs. The Rest
Google’s move doesn’t exist in a vacuum. It perfectly mirrors action taken by Anthropic just days prior, when they also explicitly banned the use of consumer OAuth tokens for OpenClaw. However, the approach was vastly different.
Peter Steinberger noted the contrast directly, pointing out that “Anthropic pings me and is nice about issues, but Google just bans.” When Anthropic had issues with the naming convention of “ClaudeBot” (an earlier iteration), they issued a warning, giving Steinberger time to adjust.
Google, conversely, issued zero warnings before dropping the ban hammer and disabling entire accounts. Steinberger has advised users to be careful and indicated he will likely remove Antigravity support from OpenClaw entirely in the coming days. If you’re looking for alternatives, we’ve already compiled a list of the best OpenClaw alternatives.
What we are seeing is a sudden, coordinated lockdown by the major AI labs to protect their API revenues and enforce what I call “API-first Enterprise Economics.”
But here’s what nobody’s asking: Who benefits from this?
The answer is OpenAI. While Google and Anthropic—fueled by the massive scale of the Apple & Google Gemini Alliance—are busy playing whack-a-mole with community developers, OpenAI has seemingly taken the opposite approach. They acquired Peter Steinberger in February 2026, and they explicitly allow ChatGPT Plus subscriptions to power OpenClaw.
By keeping their garden gates slightly ajar for developers building autonomous agents, OpenAI is commoditizing the agentic orchestration layer while solidifying their position as the default compute provider for the open-source community.
What This Means For You
If you’re a developer or an enterprise IT leader, the era of “bring your own token” AI orchestration is officially over for Google and Anthropic ecosystems. The walled gardens are closed.
- Expect Enterprise API Pricing: You can no longer subsidize highly iterative agentic workloads using $20 (or even $250) consumer subscriptions. You will have to pay true API costs, which changes the ROI calculation for autonomous agents entirely.
- Platform Lock-in is Intensifying: Choosing your foundational model now means choosing your orchestration ecosystem. The major labs are actively breaking third-party middleware that they don’t control.
- Audit Your Automated Workflows: If you have internal tools relying on undocumented API access or browser automation for Gemini or Claude, expect them to break without warning.
The Bottom Line
Google banning OpenClaw isn’t just a story about a rogue app; it’s the opening salvo in the war for agentic orchestration. The major labs have realized that if they don’t control the agent layer, they are simply dumb pipes providing expensive compute.
By shutting out OpenClaw, Google is forcing users back into their native interfaces, prioritizing revenue and security over developer convenience. It’s a pragmatic business move, but it hands the open-source community directly to their biggest rival. For a deep dive into the alternatives emerging in this new landscape, check out our guide to the best OpenClaw alternatives.
FAQ
Why did Google ban OpenClaw?
Google cited a massive increase in continuous, automated API calls that degraded service quality, defining the use of third-party proxy tools over consumer OAuth tokens as a Terms of Service violation.
Are other AI providers doing the same thing?
Yes. Anthropic recently updated its terms of service to explicitly ban the use of Claude consumer OAuth tokens with third-party tools like OpenClaw.
Does this mean I can’t use OpenClaw at all anymore?
You can still use OpenClaw, but you will need to rely on providers that haven’t blocked it (like OpenAI) or switch to using official, paid developer API keys rather than consumer subscription tokens, assuming the provider permits it.
