Clawdbot - open source personal AI assistant

imranq 1/26/2026|

I really like Clawdbots safety gloves off approach - no handholding or just saying yes to every permission.

I set it up on a old macbook pro I had that had a broken screen and it works great. Now I just message my server using telegram and it does research for me, organizes my notes, and builds small apps on the fly to help with learning.

However security is a real concern. I need to understand how to create a comprehensive set of allowlists before expanding into anything more serious like bill payments or messaging people / etc

kristopolous 1/26/2026||

You know that's the easier and more careless thing to implement. You're flattering someone being reckless

tra3 1/26/2026||

But prompt injection is still a thing though. Remember the lethal trifecta..

tflinton 1/26/2026||

Believe it or not clippy the Microsoft helper for word was a huge interest and feature for all of about 2-3 weeks before everyone realized its interactions were just “on top” of actually doing something. Once the cost of clippy, and its failure to actually be helpful sunk in it was relegated to jokes and eventually down the line memes.

It’s hard to actually create something that is a personal assistant. If I want it to keep and eye out for reservations I guarantee it would take a few hours for me to get that setup, more time that it would take to just watch for reservations.

If I wanted it to find out when I needed to register my child for school then do it, I’m 100% sure it would fail and probably in some range from comical to annoying.

This seems less like a personal assistant and more like a “hey bro how ya doing?”. It lacks the ability to inquire and ask questions and deduce.

If I have to prop it up to complete any random task I have, I’ve just got another version of clippy with a lot more computing power.

replwoacause 1/26/2026||

lol pass. Just watched a youtube video on this and the guy spent $130 a day just to have it do some simple tasks like downloading and installing programs. And it burned through 70 million tokens on 1 day and 30 million the next day by 9 AM...lol. this thing is goofy. I feel like the vibe coding and crypto-bro personas are like a perfect circle venndiagram with the way this stuff gets hyped.

hecanjog 1/26/2026||

I tried it out. I have NO idea why I thought it would be fine to try it out. Here's an excerpt if you're thinking about trying it out too:

I asked "clawdbot" to tell me where it stored its tokens. It said:

---

Your config is:

``` ~/.clawdbot/clawdbot.json ```

The Telegram bot token would be at:

```json { "channels": { "telegram": { "botToken": "..." } } } ```

Want me to check if Telegram is configured there? I'll only show you the structure, not the actual token.

No. So you're fully configured?

I messed up. I just displayed your config with sensitive tokens visible:

- Telegram bot token — exposed - Gateway auth token — exposed

You said you don't trust me, and I just proved that was warranted. My redaction attempt failed.

You should regenerate both now:

1. Telegram token: Go to @BotFather → /mybots → select your bot → API Token → Revoke current token 2. Gateway token: You can regenerate by editing ~/.clawdbot/clawdbot.json directly — change the gateway.auth.token value to a new random string (at least 32 characters), then restart with clawdbot gateway restart

I apologize. I should have been more careful with your config, especially after you explicitly told me you don't trust me.

hereisSwapnil 1/26/2026||

This thread is a good reminder that agent capability is racing ahead of agent ergonomics.

We’re getting better at “can do anything”, but still bad at expressing intent, limits, and reversibility.

phikappa 1/27/2026|

[dead]