The answer is in your question:

"...through a vulnerable WordPress plugin, a web shell, weak SSH credentials, or a compromised container"

DirtyFrag alone doesn't help an attacker; they need to get in first. But the blast radius is much wider now. A wordpress flaw, or a prompt injection in your OpenClaw skills, or a supply chain compromise in npm librarires means they now have full root access to your system.